Vulnerability CVE-2016-3712: Information

Description

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2016-3712
Published: May 12, 2016
Modified: Feb. 13, 2023
Error type identifier: CWE-190

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
qemusisyphus2.6.0-alt18.2.3-alt1ALT-PU-2016-1565-1164723Fixed
qemup102.6.0-alt18.2.2-alt0.p10.1ALT-PU-2016-1565-1164723Fixed
qemup92.6.0-alt15.2.0-alt6ALT-PU-2016-1565-1164723Fixed
qemup82.6.0-alt12.11.0-alt0.M80P.4ALT-PU-2016-1596-1165738Fixed
qemuc10f12.6.0-alt18.2.2-alt0.p10.1ALT-PU-2016-1565-1164723Fixed
qemuc9f22.6.0-alt15.2.0-alt6.c9.1ALT-PU-2016-1565-1164723Fixed
qemuc72.5.0-alt0.M70C.22.5.1.1-alt0.M70C.5ALT-PU-2016-1491-1164639Fixed
qemup112.6.0-alt18.2.3-alt1ALT-PU-2016-1565-1164723Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://xenbits.xen.org/xsa/advisory-179.html
  • Third Party Advisory
[Qemu-devel] 20160509 [PULL 5/5] vga: make sure vga register setup for vbe stays intact (CVE-2016-3712).
  • Mailing List
  • Patch
  • Third Party Advisory
1035794
  • Third Party Advisory
  • VDB Entry
DSA-3573
  • Third Party Advisory
[oss-security] 20160509 CVE-2016-3712 Qemu: vga: out-of-bounds read and integer overflow issues
  • Mailing List
  • Third Party Advisory
USN-2974-1
  • Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
  • Third Party Advisory
90314
  • Third Party Advisory
  • VDB Entry
http://support.citrix.com/article/CTX212736
  • Third Party Advisory
RHSA-2017:0621
  • Third Party Advisory
RHSA-2016:2585
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:x86:*
      cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:x86:*

      Configuration 2

      cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
      End including
      2.5.1
      cpe:2.3:a:qemu:qemu:2.6.0:rc1:*:*:*:*:*:*
      cpe:2.3:a:qemu:qemu:2.6.0:rc2:*:*:*:*:*:*
      cpe:2.3:a:qemu:qemu:2.6.0:rc3:*:*:*:*:*:*
      cpe:2.3:a:qemu:qemu:2.6.0:rc4:*:*:*:*:*:*
      cpe:2.3:a:qemu:qemu:2.6.0:rc0:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

      Configuration 4

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

      Configuration 5

      cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*

      Configuration 6

      cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*
      End including
      7.0
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top