QwikSec

Security Database

CVE

CWE

Training

CVE-2022-3165

Published: Oct 17, 2022

Modified: May 14, 2025

PUBLISHED

Description

An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.

Vendor	Product	Versions
n/a	QEMU	affected `Affected 6.1.0 and later. Will be fixed in 7.2.0-rc0.`

Weaknesses (CWE)

References

https://gitlab.com/qemu-project/qemu/-/commit/d307040b18

FEDORA-2022-8dcdfe7297

vendor-advisory

FEDORA-2022-4387579e67

vendor-advisory

https://security.netapp.com/advisory/ntap-20221223-0006/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.