CVE-2016-3712 - OpenCVE

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Enterprise Linux Server Eus Enterprise Linux Server Aus Enterprise Linux Server Tus Enterprise Linux Desktop Enterprise Linux Workstation Enterprise Linux Server
Canonical	Ubuntu Linux
Qemu	Qemu
Debian	Debian Linux
Oracle	Vm Server
Citrix	Xenserver

Configuration 1 [-]

OR	cpe:2.3:o:oracle:vm_server:3.3::::::x86:
	cpe:2.3:o:oracle:vm_server:3.4::::::x86:

Configuration 2 [-]

OR	cpe:2.3:a:qemu:qemu::::::::
	cpe:2.3:a:qemu:qemu:2.6.0:rc0::::::
	cpe:2.3:a:qemu:qemu:2.6.0:rc1::::::
	cpe:2.3:a:qemu:qemu:2.6.0:rc2::::::
	cpe:2.3:a:qemu:qemu:2.6.0:rc3::::::
	cpe:2.3:a:qemu:qemu:2.6.0:rc4::::::

Configuration 3 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

Configuration 4 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 5 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 6 [-]

cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2016-2585.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0621.html	Third Party Advisory
http://support.citrix.com/article/CTX212736	Third Party Advisory
http://www.debian.org/security/2016/dsa-3573	Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/05/09/4	Mailing List Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	Third Party Advisory
http://www.securityfocus.com/bid/90314	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1035794	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2974-1	Third Party Advisory
http://xenbits.xen.org/xsa/advisory-179.html	Third Party Advisory
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01196.html	Mailing List Patch Third Party Advisory