Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2016-3712

Published: 11/05/2016 Updated: 12/02/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Vm Server

Vulnerability Summary

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle vm server 3.3

oracle vm server 3.4

qemu qemu

qemu qemu 2.6.0

canonical ubuntu linux 12.04

canonical ubuntu linux 16.04

canonical ubuntu linux 15.10

canonical ubuntu linux 14.04

debian debian linux 8.0

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat enterprise linux server tus 7.3

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server eus 7.3

redhat enterprise linux server eus 7.4

redhat enterprise linux server eus 7.5

redhat enterprise linux server tus 7.6

redhat enterprise linux server eus 7.6

redhat enterprise linux server aus 7.6

redhat enterprise linux server eus 7.7

redhat enterprise linux server aus 7.7

redhat enterprise linux server tus 7.7

citrix xenserver

Vendor Advisories

Ubuntu Security Notice: qemu, qemu-kvm vulnerabilities
Several security issues were fixed in QEMU ...
Red Hat: Moderate: qemu-kvm security, bug fix, and enhancement update
Synopsis Moderate: qemu-kvm security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring ...
Red Hat: Moderate: qemu-kvm security and bug fix update
Synopsis Moderate: qemu-kvm security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ...
Debian Security Advisories: DSA-3573-1 qemu -- security update
Several vulnerabilities were discovered in qemu, a fast processor emulator CVE-2016-3710 Wei Xiao and Qinghao Tang of 360cn Inc discovered an out-of-bounds read and write flaw in the QEMU VGA module A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-2538: usb: integer overflow in remote NDIS control message handling
Debian Bug report logs - #815680 qemu: CVE-2016-2538: usb: integer overflow in remote NDIS control message handling Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 23 Feb 2016 16:54:02 UTC Severit ...
Debian CVElist Bug Report Logs: CVE-2016-2197: ide: ahci null pointer dereference when using FIS CLB engines
Debian Bug report logs - #813194 CVE-2016-2197: ide: ahci null pointer dereference when using FIS CLB engines Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Michael Tokarev <mjt@tlsmskru> Date: Sat, 30 Jan 2016 11:30:01 UTC Severity: important T ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-4001: net: buffer overflow in stellaris_enet emulator
Debian Bug report logs - #821038 qemu: CVE-2016-4001: net: buffer overflow in stellaris_enet emulator Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 14 Apr 2016 21:18:05 UTC Severity: important T ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-2392: usb: null pointer dereference in remote NDIS control message handling
Debian Bug report logs - #815008 qemu: CVE-2016-2392: usb: null pointer dereference in remote NDIS control message handling Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 17 Feb 2016 16:42:01 UTC ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-2841: net: ne2000: infinite loop in ne2000_receive
Debian Bug report logs - #817181 qemu: CVE-2016-2841: net: ne2000: infinite loop in ne2000_receive Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 8 Mar 2016 19:18:02 UTC Severity: important Tags ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-2858: rng-random: arbitrary stack based allocation leading to corruption
Debian Bug report logs - #817183 qemu: CVE-2016-2858: rng-random: arbitrary stack based allocation leading to corruption Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 8 Mar 2016 19:21:02 UTC Se ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-2391: usb: multiple eof_timers in ohci leads to null pointer dereference
Debian Bug report logs - #815009 qemu: CVE-2016-2391: usb: multiple eof_timers in ohci leads to null pointer dereference Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 17 Feb 2016 16:42:06 UTC Se ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-4037: usb: Infinite loop vulnerability in usb_ehci using siTD process
Debian Bug report logs - #822344 qemu: CVE-2016-4037: usb: Infinite loop vulnerability in usb_ehci using siTD process Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 23 Apr 2016 17:27:01 UTC Sever ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-2857: net: out of bounds read in net_checksum_calculate
Debian Bug report logs - #817182 qemu: CVE-2016-2857: net: out of bounds read in net_checksum_calculate Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 8 Mar 2016 19:18:06 UTC Severity: important ...
Debian CVElist Bug Report Logs: CVE-2016-2198: usb: ehci null pointer dereference in ehci_caps_write
Debian Bug report logs - #813193 CVE-2016-2198: usb: ehci null pointer dereference in ehci_caps_write Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Michael Tokarev <mjt@tlsmskru> Date: Sat, 30 Jan 2016 11:24:01 UTC Severity: important Tags: pat ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-3710 CVE-2016-3712
Debian Bug report logs - #823830 qemu: CVE-2016-3710 CVE-2016-3712 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 9 May 2016 12:27:02 UTC Severity: grave Tags: security, upstream Found in versi ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-4020: i386: leakage of stack memory to guest in kvmvapic.c
Debian Bug report logs - #821062 qemu: CVE-2016-4020: i386: leakage of stack memory to guest in kvmvapicc Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 15 Apr 2016 04:57:01 UTC Severity: import ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-4964: scsi: mptsas infinite loop in mptsas_fetch_requests
Debian Bug report logs - #825207 qemu: CVE-2016-4964: scsi: mptsas infinite loop in mptsas_fetch_requests Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 24 May 2016 14:42:01 UTC Severity: importa ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-4002: net: buffer overflow in MIPSnet emulator
Debian Bug report logs - #821061 qemu: CVE-2016-4002: net: buffer overflow in MIPSnet emulator Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 15 Apr 2016 04:12:02 UTC Severity: important Tags: pa ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-5126: block: iscsi: buffer overflow in iscsi_aio_ioctl
Debian Bug report logs - #826151 qemu: CVE-2016-5126: block: iscsi: buffer overflow in iscsi_aio_ioctl Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 2 Jun 2016 18:45:02 UTC Severity: important ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-4952: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines
Debian Bug report logs - #825210 qemu: CVE-2016-4952: scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 24 May 2016 15:00 ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-5107: scsi: megasas: out-of-bounds read in megasas_lookup_frame() function
Debian Bug report logs - #825616 qemu: CVE-2016-5107: scsi: megasas: out-of-bounds read in megasas_lookup_frame() function Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 28 May 2016 07:54:02 UTC ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-5105: scsi: megasas: stack information leakage while reading configuration
Debian Bug report logs - #825614 qemu: CVE-2016-5105: scsi: megasas: stack information leakage while reading configuration Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 28 May 2016 07:51:02 UTC ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-5337: scsi: megasas: information leakage in megasas_ctrl_get_info
Debian Bug report logs - #827026 qemu: CVE-2016-5337: scsi: megasas: information leakage in megasas_ctrl_get_info Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 11 Jun 2016 10:15:01 UTC Severity: ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-5338: scsi: esp: OOB r/w access while processing ESP_FIFO
Debian Bug report logs - #827024 qemu: CVE-2016-5338: scsi: esp: OOB r/w access while processing ESP_FIFO Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 11 Jun 2016 10:12:02 UTC Severity: normal ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-4439 CVE-2016-4441
Debian Bug report logs - #824856 qemu: CVE-2016-4439 CVE-2016-4441 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 20 May 2016 13:21:07 UTC Severity: important Tags: patch, security, upstream Fou ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-5106: scsi: megasas: out-of-bounds write while setting controller properties
Debian Bug report logs - #825615 qemu: CVE-2016-5106: scsi: megasas: out-of-bounds write while setting controller properties Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 28 May 2016 07:51:09 UTC ...
Citrix Security Bulletins: Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM (depending on configuration) or an attacker on the management network to compromise the host These vulnerabilities affect all currently supported versions of Citrix XenServer up to and includin ...

References

CWE-190http://xenbits.xen.org/xsa/advisory-179.htmlhttps://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01196.htmlhttp://www.securitytracker.com/id/1035794http://www.debian.org/security/2016/dsa-3573http://www.openwall.com/lists/oss-security/2016/05/09/4http://www.ubuntu.com/usn/USN-2974-1http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlhttp://www.securityfocus.com/bid/90314http://support.citrix.com/article/CTX212736http://rhn.redhat.com/errata/RHSA-2017-0621.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2585.htmlhttps://usn.ubuntu.com/2974-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook