PowerKVM is vulnerable to Qemu vulnerability CVE-2015-1779.
CVEID: CVE-2015-1779**
DESCRIPTION:** QEMU is vulnerable to a denial of service, caused by an error when processing incoming frames by the websocket frame decoder. A remote attacker from within the local network with access to a guest’s VNC console could exploit this vulnerability to exhaust all available CPU and memory resources.
CVSS Base Score: 5.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101834 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:A/AC:M/Au:N/C:N/I:N/A:C)
PowerKVM 2.1
Fix is made available via Fix Central in Build 46 and all later builds and fix packs. For systems currently running fix levels of PowerKVM prior to 2.1.1, please see the README at <http://delivery04.dhe.ibm.com/sar/CMA/OSA/04xig/0/README> for prerequisite fixes and instructions.
None