CVE-2023-6683

Summary

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a malicious authenticated VNC client to crash QEMU and trigger a denial of service.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Enterprise Linux 88100020240314161907.e155f54d < *unaffected
Red HatRed Hat Enterprise Linux 88100020240314161907.e155f54d < *unaffected
Red HatRed Hat Enterprise Linux 917:8.2.0-11.el9_4 < *unaffected

Weaknesses

  • CWE-476: NULL Pointer Dereference

Workarounds

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References