CVE-2016-3710

Опубликовано: 11 мая 2016

Источник: nvd

CVSS3: 8.8

CVSS2: 7.2

EPSS Низкий

Описание

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

Ссылки

http://rhn.redhat.com/errata/RHSA-2016-0724.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0725.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0997.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0999.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1000.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1001.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1002.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1019.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1943.html
Third Party Advisory
http://support.citrix.com/article/CTX212736
Third Party Advisory
http://www.debian.org/security/2016/dsa-3573
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/05/09/3
Mailing List
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
Third Party Advisory
http://www.securityfocus.com/bid/90316
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1035794
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2974-1
Third Party Advisory
http://xenbits.xen.org/xsa/advisory-179.html
Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1224
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:helion_openstack:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:hp:helion_openstack:2.1.4:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Версия до 2.5.1 (включая)

cpe:2.3:a:qemu:qemu:2.6.0:rc0:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.6.0:rc1:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.6.0:rc2:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.6.0:rc3:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.6.0:rc4:*:*:*:*:*:*

Конфигурация 5

Одно из

cpe:2.3:a:oracle:vm_server:3.2:*:*:*:*:*:x86:*

cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*

cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*

cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*

Конфигурация 6

cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*

Версия до 7.0 (включая)

Конфигурация 7

Одно из

cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*

cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00086

Низкий

8.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2016-3710

CVSS3: 8.8

ubuntu

больше 9 лет назад

CVE-2016-3710

CVSS3: 7.6

redhat

больше 9 лет назад

CVE-2016-3710

CVSS3: 8.8

debian

больше 9 лет назад

The VGA module in QEMU improperly performs bounds checking on banked a ...

GHSA-p6hq-65m2-r4jg

CVSS3: 8.8

github

больше 3 лет назад

ELSA-2016-0997

oracle-oval

больше 9 лет назад

ELSA-2016-0997: qemu-kvm security update (IMPORTANT)

EPSS

Процентиль: 26%

0.00086

Низкий

8.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-119