Qemu · Qemu · CVE-2022-3165
**Name of the Vulnerable Software and Affected Versions**
QEMU (affected versions not specified)
**Description**
The issue is related to an integer underflow in the QEMU VNC server when processing `ClientCutText` messages in the extended format. This can be exploited by a malicious client sending a specially crafted payload message, resulting in a denial of service, making QEMU unresponsive. The exploitation can be done remotely.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.