A vulnerability in the Virtual Network Computing (VNC) display driver of Quick Emulator (QEMU) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to improper memory operations performed by the vnc_refresh_server_surface() function of the affected software. An attacker could exploit this vulnerability by refreshing the VNC display surface area within a guest system. A successful exploit could cause an out-of-bounds memory access condition, which would allow the attacker to crash the QEMU process, resulting in a DoS condition on the affected device.
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.
QEMU has confirmed the vulnerability and released software updates.