exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2023-3354

Status Candidate

Overview

A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.

Related Files

Ubuntu Security Notice USN-6567-2
Posted Jun 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6567-2 - USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behavior change leading to a regression in certain environments. This update fixes the problem. Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-14394, CVE-2020-24165, CVE-2021-3611, CVE-2021-3638, CVE-2023-1544, CVE-2023-2861, CVE-2023-3180, CVE-2023-3255, CVE-2023-3301, CVE-2023-3354, CVE-2023-40360, CVE-2023-4135, CVE-2023-42467, CVE-2023-5088
SHA-256 | a54d7bc90f81ef99a51f6873f6c189be32af415ca78c88b11fc2bd3df9e91a3b
Ubuntu Security Notice USN-6567-1
Posted Jan 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6567-1 - Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and escalate privileges. This issue only affected Ubuntu 20.04 LTS.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-14394, CVE-2020-24165, CVE-2021-3611, CVE-2021-3638, CVE-2023-1544, CVE-2023-2861, CVE-2023-3180, CVE-2023-3255, CVE-2023-3301, CVE-2023-3354, CVE-2023-40360, CVE-2023-4135, CVE-2023-42467, CVE-2023-5088
SHA-256 | 822fd59a00f432568a1ff02767caa245fcfcf6843527f21aad32e7fa00321108
Red Hat Security Advisory 2023-6227-01
Posted Nov 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-6227-01 - An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-3354
SHA-256 | e126f03dc6cf19d8d40814da2db79323415b513e300e8f35f5c557bb32337af7
Red Hat Security Advisory 2023-5233-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5233-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.4 images.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2022-41723, CVE-2023-1637, CVE-2023-20593, CVE-2023-21102, CVE-2023-2602, CVE-2023-2603, CVE-2023-30630, CVE-2023-31248, CVE-2023-3354, CVE-2023-3390, CVE-2023-34969, CVE-2023-35001, CVE-2023-3610
SHA-256 | 7d1ca71c1592ac5ce6262de9a56cdeccb6d9818d38d921dd586a1126ca6c0bd9
Red Hat Security Advisory 2023-5239-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5239-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-40284, CVE-2023-3354
SHA-256 | 45524df89c7207127ca092b7adc930ba289bae5163839a6e1874326b61dec625
Red Hat Security Advisory 2023-5264-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5264-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-40284, CVE-2023-3354
SHA-256 | 251fc333f220982b50c672eb4d632ab062b755cde0078eae48238e56700200b0
Red Hat Security Advisory 2023-5094-01
Posted Sep 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5094-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2023-3354
SHA-256 | 60df9c0223db5787425cacba35e8fe74b4c0345dd4da73b94dcd73fbc771f789
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    47 Files
  • 25
    Jul 25th
    31 Files
  • 26
    Jul 26th
    13 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    27 Files
  • 30
    Jul 30th
    49 Files
  • 31
    Jul 31st
    29 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close