N/A

VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host.

N/A

不加限制或调节的资源分配

QEMU 输入验证错误漏洞

QEMU（Quick Emulator）是法国法布里斯-贝拉（Fabrice Bellard）个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 2.11.0版本及之前版本存在输入验证错误漏洞，该漏洞源于内存无限分配。攻击者可利用该漏洞造成拒绝服务。

N/A

N/A