6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.891 High
EPSS
Percentile
98.6%
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e6908bfe8e07f2b452e78e677da1b45b1c0f6829
lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html
rhn.redhat.com/errata/RHSA-2015-0349.html
rhn.redhat.com/errata/RHSA-2015-0624.html
secunia.com/advisories/61484
secunia.com/advisories/62143
secunia.com/advisories/62144
support.citrix.com/article/CTX200892
www.debian.org/security/2014/dsa-3066
www.debian.org/security/2014/dsa-3067
www.ubuntu.com/usn/USN-2409-1
bugzilla.redhat.com/show_bug.cgi?id=1157641