Quick Emulator VNC Display Driver Out-of-Bounds Memory Access Denial of Service Vulnerability [CVE-2017-2633]
A vulnerability in the Virtual Network Computing (VNC) display driver of Quick Emulator (QEMU) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to improper memory operations performed by the vnc_refresh_server_surface() function of the affected software. An attacker could exploit this vulnerability by refreshing the VNC display surface area within a guest system. A successful exploit could cause an out-of-bounds memory access condition, which would allow the attacker to crash the QEMU process, resulting in a DoS condition on the affected device.
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.
QEMU has confirmed the vulnerability and released software updates.
CVE Number = CVE-2017-2633
-
To exploit this vulnerability, the attacker must authenticate to a targeted system, making exploitation difficult in environments that restrict network access from untrusted sources.
-
Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to have network access.
Administrators are advised to monitor affected systems.
-
QEMU has released a git commit at the following link: commit 9f64916da20eea67121d544698676295bbb105a7
Red Hat has released an official CVE statement and security advisories for bug 1425939 at the following links: CVE-2017-2633, RHSA-2017:1205, RHSA-2017:1206, RHSA-2017:1441, and RHSA-2017:1856
-
QEMU has released a software update at the following link: QEMU 1.7.2 and later
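The safeguards and fixed release listed above can be checked across a host inventory. The following is an added example, not part of the original advisory or of QEMU: it reads each guest's QEMU command line for a `-vnc` TCP listener and compares the reported version with 1.7.2. The inventory entries, guest names and result labels are constructed for illustration, and the version strings are assumed to have been collected separately (for example from `qemu-system-x86_64 --version`).

```python
import ipaddress
import re
import shlex

FIXED = (1, 7, 2)  # "QEMU 1.7.2 and later", as listed in the advisory


def parse_version(text):
    """Turn '2.5.0' or '1.7.1-rc2' into a comparable 3-tuple of ints."""
    nums = [int(n) for n in re.findall(r"\d+", text)[:3]]
    return tuple(nums + [0] * (3 - len(nums)))


def vnc_listener(cmdline):
    """Host part of -vnc ('' means all interfaces); None if no TCP listener."""
    args = shlex.split(cmdline)
    for i, arg in enumerate(args[:-1]):
        if arg == "-vnc":
            display = args[i + 1].split(",")[0]  # drop ',password' and similar
            if display == "none" or display.startswith("unix:"):
                return None
            return display.rpartition(":")[0].strip("[]")
    return None


def is_loopback(host):
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # empty host (all interfaces) or an unresolved name


def assess(version, cmdline):
    """Map one guest to the advisory's safeguards (labels are this example's)."""
    host = vnc_listener(cmdline)
    if host is None:
        return "no-tcp-vnc"
    patched = parse_version(version) >= FIXED
    exposed = not is_loopback(host)
    if patched:
        return "restrict-access" if exposed else "ok"
    return "update-and-restrict" if exposed else "update"


# Constructed sample inventory: (guest name, QEMU version, command line)
INVENTORY = [
    ("vm-a", "1.7.1", "qemu-system-x86_64 -m 2048 -vnc 0.0.0.0:2"),
    ("vm-b", "2.9.0", "qemu-system-x86_64 -vnc 127.0.0.1:0,password"),
]

if __name__ == "__main__":
    for name, version, cmdline in INVENTORY:
        print(name, assess(version, cmdline))
```

Distribution packages, such as those covered by the Red Hat advisories listed above, can carry a backported fix under an older upstream version number, so treat the version comparison as a first pass and confirm against the vendor advisory.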
Duncan is a technology professional with over 20 years' experience of working in various IT roles. He has an interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.