Ubuntu Security Notice 1063-1 - Neil Wilson discovered that if VNC passwords were blank in QEMU configurations, access to VNC sessions was allowed without a password instead of being disabled. A remote attacker could connect to running VNC sessions of QEMU and directly control the system. By default, QEMU does not start VNC sessions.
f58fcaa41e8dd476310be860b4827839a5fcbf87285da73a23b6edf3e0272132