CVE-2022-3165
Summary
| CVE | CVE-2022-3165 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-10-17 16:15:00 UTC |
|---|
| Updated | 2023-11-07 03:50:00 UTC |
|---|
| Description | An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] Fedora 37 Update: qemu-7.0.0-10.fc37 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] Fedora 36 Update: qemu-6.2.0-16.fc36 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| ui/vnc-clipboard: fix integer underflow in vnc_client_cut_text_ext (d307040b) · Commits · QEMU / QEMU · GitLab |
MISC |
gitlab.com |
|
| [SECURITY] Fedora 37 Update: qemu-7.0.0-10.fc37 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| CVE-2022-3165 QEMU Vulnerability in NetApp Products | NetApp Product Security |
CONFIRM |
security.netapp.com |
|
| [SECURITY] Fedora 36 Update: qemu-6.2.0-16.fc36 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160408 Oracle Enterprise Linux Security Update for qemu (ELSA-2023-12065)
- 160453 Oracle Enterprise Linux Security Update for virt:kvm_utils (ELSA-2023-12108)
- 160507 Oracle Enterprise Linux Security Update for virt:kvm_utils2 (ELSA-2023-12195)
- 160590 Oracle Enterprise Linux Security Update for qemu-kvm (ELSA-2023-2162)
- 160683 Oracle Enterprise Linux Security Update for virt:ol and virt-devel:rhel (ELSA-2023-2757)
- 184859 Debian Security Update for qemu (CVE-2022-3165)
- 199069 Ubuntu Security Notification for QEMU Vulnerabilities (USN-5772-1)
- 241416 Red Hat Update for qemu-kvm security (RHSA-2023:2162)
- 241506 Red Hat Update for virt:rhel and virt-devel:rhel security (RHSA-2023:2757)
- 283235 Fedora Security Update for qemu (FEDORA-2022-8dcdfe7297)
- 283467 Fedora Security Update for qemu (FEDORA-2022-4387579e67)
- 378706 Alibaba Cloud Linux Security Update for virt:rhel and virt-devel:rhel (ALINUX3-SA-2023:0082)
- 502928 Alpine Linux Security Update for qemu
- 505807 Alpine Linux Security Update for qemu
- 904306 Common Base Linux Mariner (CBL-Mariner) Security Update for qemu (11222)
- 906851 Common Base Linux Mariner (CBL-Mariner) Security Update for qemu (11222-1)
- 941043 AlmaLinux Security Update for qemu-kvm (ALSA-2023:2162)
- 941115 AlmaLinux Security Update for virt:rhel and virt-devel:rhel (ALSA-2023:2757)
