Intrusion Prevention

QEMU.vnc.set.pixel.format.bits.per.pixel.Memory.Corruption

Description

This indicates an attack attempt to exploit a Memory Corruption vulnerability in QEMU VNC.
The vulnerability is caused by lack of proper validation when the vulnerable software handle a maliciously crafted packet. A remote attacker can exploit this to execute arbitrary code within context of the affected software.

Affected Products

QEMU QEMU prior to commit e6908bfe8e07f2b4

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/qemu/qemu/commit/e6908bfe8e07f2b4

CVE References

CVE-2014-7815