Описание
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qemu | fixed | 1:7.2+dfsg-1 | package | |
| qemu | not-affected | bullseye | package | |
| qemu | not-affected | buster | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2129739
Introduced by: https://gitlab.com/qemu-project/qemu/-/commit/0bf41cab93e5c72dcda717abd625698b59d9ba3e (v6.1.0-rc0)
Proposed fix: https://lists.nongnu.org/archive/html/qemu-devel/2022-09/msg03948.html
Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/d307040b18bfcb1393b910f1bae753d5c12a4dc7 (v7.2.0-rc0)
EPSS
Связанные уязвимости
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.
EPSS