Lucene search
PRIOn knowledge basePRION:CVE-2023-3354HistoryJul 11, 2023 - 5:15 p.m.
Null pointer dereference
2023-07-1117:15:00
PRIOn knowledge base
www.prio-n.com
12
qemu
vnc server
null pointer
dereference
remote client
denial of service
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 38 | |
| qemu | lt | 8.1.0 | |
| qemu | eq | 8.1.0 rc1 | |
| qemu | eq | 8.1.0 rc0 | |
| enterprise_linux | eq | 7.0 | |
| enterprise_linux | eq | 8.0 | |
| enterprise_linux | eq | 8.0 | |
| enterprise_linux | eq | 9.0 | |
| openstack_platform | eq | 13.0 |
Related
cve
cve
CVE-2023-3354
2023-07-11 17:15:13
alpinelinux
alpinelinux
CVE-2023-3354
2023-07-11 17:15:13
cbl_mariner
cbl_mariner
CVE-2023-3354 affecting package qemu for versions less than 8.2.0-1
2024-03-19 17:21:46
CVE-2023-3354 affecting package qemu for versions less than 6.2.0-19
2023-11-28 22:14:06
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2023-09-13 00:00:00
virt:ol and virt-devel:rhel security and bug fix update
2023-09-21 00:00:00
kvm_utils3 security update
2023-10-07 00:00:00
osv
osv
CVE-2023-3354
2023-07-11 17:15:13
Important: qemu-kvm security and bug fix update
2023-09-12 00:00:00
Important: virt:rhel and virt-devel:rhel security and bug fix update
2023-09-19 00:00:00
nvd
nvd
CVE-2023-3354
2023-07-11 17:15:13
nessus
nessus
AlmaLinux 9 : qemu-kvm (ALSA-2023:5094)
2023-09-14 00:00:00
Oracle Linux 9 : qemu-kvm (ELSA-2023-5094)
2023-09-13 00:00:00
EulerOS 2.0 SP8 : qemu (EulerOS-SA-2023-3153)
2024-01-16 00:00:00
debiancve
debiancve
CVE-2023-3354
2023-07-11 17:15:13
redhatcve
redhatcve
CVE-2023-3354
2023-06-28 11:17:06
openvas
openvas
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-3153)
2023-11-09 00:00:00
Huawei EulerOS: Security Advisory for qemu-micro (EulerOS-SA-2023-3228)
2023-11-10 00:00:00
Huawei EulerOS: Security Advisory for qemu-micro (EulerOS-SA-2023-3193)
2023-11-10 00:00:00
cvelist
cvelist
redos
redos
ROS-20230825-05
2023-08-25 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-08-13 19:55:03
redhat
redhat
(RHSA-2023:5094) Important: qemu-kvm security and bug fix update
2023-09-12 07:46:21
(RHSA-2023:6227) Important: qemu-kvm security update
2023-11-01 08:58:37
(RHSA-2023:5587) Important: virt:rhel security update
2023-10-10 13:59:54
ubuntucve
ubuntucve
CVE-2023-3354
2023-07-11 00:00:00
almalinux
almalinux
Important: qemu-kvm security and bug fix update
2023-09-12 00:00:00
Important: virt:rhel and virt-devel:rhel security and bug fix update
2023-09-19 00:00:00
debian
debian
[SECURITY] [DLA 3759-1] qemu security update
2024-03-11 17:27:07
fedora
fedora
[SECURITY] Fedora 38 Update: qemu-7.2.5-1.fc38
2023-08-29 01:35:27
ubuntu
ubuntu
QEMU regression
2024-06-06 00:00:00
QEMU vulnerabilities
2024-01-08 00:00:00