PT-2016-5670 · Qemu+5 · Qemu+5

Qinghao Tang

Publicado

2016-05-09

Atualizado

2021-08-04

CVE-2016-3710

CVSS v3.1

8.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description The issue concerns improper bounds checking on banked access to video memory in the VGA module. This allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2016-1565

CESA-2016_0724

CESA-2016_0997

CVE-2016-3710

DLA-539-1

DLA-540-1

DLA-571-1

DSA-3573-1

MGASA-2016-0176

MGASA-2017-0012

OPENSUSE-SU-2016_1750-1

OPENSUSE-SU-2016_2494-1

OPENSUSE-SU-2016_2497-1

RHSA-2016:0724

RHSA-2016:0725

RHSA-2016:0997

RHSA-2016:0999

RHSA-2016:1000

RHSA-2016:1001

RHSA-2016:1002

RHSA-2016:1019

RHSA-2016:1224

RHSA-2016:1943

RHSA-2016_0724

RHSA-2016_0997

RHSA-2016_1943

SUSE-SU-2016:1560-1

SUSE-SU-2016:1698-1

SUSE-SU-2016:1703-1

SUSE-SU-2016:1785-1

SUSE-SU-2016:2093-1

SUSE-SU-2016:2100-1

SUSE-SU-2016:2528-1

SUSE-SU-2016:2533-1

SUSE-SU-2016:2725-1

USN-2974-1

Produtos afetados

Alt Linux

Centos

Qemu

Red Hat

Suse

Ubuntu

PT-2016-5670 · Qemu+5 · Qemu+5

CVE-2016-3710

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 418