Lucene search
RedHatRHSA-2016:0997HistoryMay 10, 2016 - 7:00 a.m.
(RHSA-2016:0997) Important: qemu-kvm security update
2016-05-1007:00:21
access.redhat.com
22
0.002 Low
EPSS
Percentile
56.3%
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM.
Security Fix(es):
- An out-of-bounds read/write access flaw was found in the way QEMU’s VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host’s QEMU process. (CVE-2016-3710)
Red Hat would like to thank Wei Xiao (360 Marvel Team) and Qinghao Tang (360 Marvel Team) for reporting this issue.
Related
nessus
nessus
RHEL 7 : qemu-kvm-rhev (RHSA-2016:0725)
2018-09-06 00:00:00
Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20160510)
2016-06-09 00:00:00
RHEL 6 : qemu-kvm (RHSA-2016:0997)
2016-05-11 00:00:00
nvd
nvd
CVE-2016-3710
2016-05-11 21:59:01
redhat
redhat
(RHSA-2016:0724) Important: qemu-kvm security update
2016-05-09 14:53:14
(RHSA-2016:1019) Important: qemu-kvm-rhev security update
2016-05-11 00:49:46
(RHSA-2016:0725) Important: qemu-kvm-rhev security update
2016-05-09 14:56:49
oraclelinux
oraclelinux
qemu-kvm security update
2016-05-09 00:00:00
kvm security update
2016-09-27 00:00:00
qemu-kvm security update
2016-08-09 00:00:00
cve
cve
CVE-2016-3710
2016-05-11 21:59:01
centos
centos
libcacard, qemu security update
2016-05-09 16:33:09
qemu security update
2016-05-16 10:25:54
kmod, kvm security update
2016-09-28 13:59:56
prion
prion
Design/Logic Flaw
2016-05-11 21:59:00
openvas
openvas
RedHat Update for qemu-kvm RHSA-2016:0724-01
2016-05-10 00:00:00
CentOS Update for libcacard CESA-2016:0724 centos7
2016-05-10 00:00:00
RedHat Update for qemu-kvm RHSA-2016:0997-01
2016-05-11 00:00:00
debiancve
debiancve
CVE-2016-3710
2016-05-11 21:59:01
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:11:18
ubuntucve
ubuntucve
CVE-2016-3710
2016-05-09 00:00:00
cvelist
cvelist
CVE-2016-3710
2016-05-11 21:00:00
redhatcve
redhatcve
CVE-2016-3710
2016-05-09 12:48:19
debian
debian
[SECURITY] [DSA 3573-1] qemu security update
2016-05-09 20:28:27
[SECURITY] [DSA 3573-1] qemu security update
2016-05-09 20:28:27
[SECURITY] [DLA 539-1] qemu-kvm security update
2016-07-01 08:46:52
fedora
fedora
[SECURITY] Fedora 24 Update: xen-4.6.1-8.fc24
2016-05-16 16:33:45
[SECURITY] Fedora 23 Update: xen-4.5.3-3.fc23
2016-05-12 07:32:01
[SECURITY] Fedora 22 Update: xen-4.5.3-5.fc22
2016-05-28 23:24:56
osv
osv
qemu - security update
2016-05-09 00:00:00
qemu-kvm - security update
2016-07-01 00:00:00
qemu - security update
2016-07-01 00:00:00
xen
xen
QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks
2016-05-09 11:48:00
freebsd
freebsd
ibm
ibm
Security Bulletin: Vulnerabilities in Qemu-kvm affect IBM SmartCloud Entry
2020-07-19 00:49:12
Security Bulletin: Multiple vulnerabilities in qemu affect PowerKVM
2018-06-18 01:33:29
archlinux
archlinux
qemu-arch-extra: multiple issues
2016-06-08 00:00:00
qemu: multiple issues
2016-06-08 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2016-05-12 00:00:00
suse
suse
Security update for xen (important)
2016-10-13 20:08:40
Security update for xen (important)
2016-11-04 15:11:21
Security update for xen (important)
2016-08-17 18:08:50
mageia
mageia
Updated qemu packages fix security vulnerabilities
2016-05-18 23:14:22
Updated xen packages fix security vulnerability
2017-01-09 23:29:57