CVE-2016-3712

Related Files

Red Hat Security Advisory 2017-0621-01

Posted Mar 21, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0621-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance.

tags | advisory, overflow, kernel

systems | linux, redhat

advisories | CVE-2016-3712

SHA-256 | 5df48be0076ba6570122f9d535844bf11965e06ce3af382946e0d5a48b7e6d85

Download | Favorite | View

Red Hat Security Advisory 2016-2585-02

Posted Nov 3, 2016

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2585-02 - Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance.

tags | advisory, overflow, kernel

systems | linux, redhat

advisories | CVE-2016-1981, CVE-2016-3712

SHA-256 | 66556667bcdaedde71ce46eb068e1ab81d9f9e58d4430bb85f45454d38d4f155

Download | Favorite | View

Ubuntu Security Notice USN-2974-1

Posted May 12, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2974-1 - Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak host memory bytes. Various other issues were also addressed.

tags | advisory, denial of service

systems | linux, ubuntu

advisories | CVE-2016-2391, CVE-2016-2392, CVE-2016-2538, CVE-2016-2841, CVE-2016-2857, CVE-2016-2858, CVE-2016-3710, CVE-2016-3712, CVE-2016-4001, CVE-2016-4002, CVE-2016-4020, CVE-2016-4037

SHA-256 | 17f7d26242cade4510f2fd199babbc3cc8a952a96c7f7115e5543fef485ef4eb

Download | Favorite | View

Debian Security Advisory 3573-1

Posted May 10, 2016

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3573-1 - Several vulnerabilities were discovered in qemu, a fast processor emulator.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2016-3710, CVE-2016-3712

SHA-256 | ea5934b536467bc16729efc5389784740b9b6f8acd08cb5cd7bc14e55dc055c9

Download | Favorite | View