High severity8.8NVD Advisory· Published May 11, 2016· Updated Jun 17, 2026
CVE-2016-3710
CVE-2016-3710
Description
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
73cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:helion_openstack:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:hp:helion_openstack:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:vm_server:3.2:*:*:*:*:*:x86:*+ 2 more
- cpe:2.3:a:oracle:vm_server:3.2:*:*:*:*:*:x86:*
- cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*
- cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*range: <=2.5.1
- cpe:2.3:a:qemu:qemu:2.6.0:rc0:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:2.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:2.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:2.6.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:2.6.0:rc4:*:*:*:*:*:*
- (no CPE)
- cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- osv-coords25 versionspkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Manager%202.1pkg:rpm/suse/xen&distro=SUSE%20Manager%20Proxy%202.1pkg:rpm/suse/xen&distro=SUSE%20OpenStack%20Cloud%205
< 1.4.2-46.1+ 24 more
- (no CPE)range: < 1.4.2-46.1
- (no CPE)range: < 1.4.2-46.1
- (no CPE)range: < 1.4.2-44.1
- (no CPE)range: < 1.4.2-44.1
- (no CPE)range: < 2.0.2-48.19.1
- (no CPE)range: < 2.3.1-14.1
- (no CPE)range: < 2.0.2-48.19.1
- (no CPE)range: < 2.3.1-14.1
- (no CPE)range: < 2.0.2-48.19.1
- (no CPE)range: < 2.3.1-14.1
- (no CPE)range: < 4.5.3_08-17.1
- (no CPE)range: < 4.2.5_21-27.1
- (no CPE)range: < 4.1.6_08-29.1
- (no CPE)range: < 4.2.5_21-27.1
- (no CPE)range: < 4.4.4_07-37.1
- (no CPE)range: < 4.5.3_08-17.1
- (no CPE)range: < 4.4.4_04-22.22.2
- (no CPE)range: < 4.4.4_07-37.1
- (no CPE)range: < 4.4.4_04-22.22.2
- (no CPE)range: < 4.5.3_08-17.1
- (no CPE)range: < 4.4.4_07-37.1
- (no CPE)range: < 4.5.3_08-17.1
- (no CPE)range: < 4.2.5_21-27.1
- (no CPE)range: < 4.2.5_21-27.1
- (no CPE)range: < 4.2.5_21-27.1
Patches
Vulnerability mechanics
References
22- lists.gnu.org/archive/html/qemu-devel/2016-05/msg01197.htmlnvdMailing ListPatchThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-0724.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-0725.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-0997.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-0999.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-1000.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-1001.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-1002.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-1019.htmlnvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-1943.htmlnvdThird Party Advisory
- support.citrix.com/article/CTX212736nvdThird Party Advisory
- www.debian.org/security/2016/dsa-3573nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2016/05/09/3nvdMailing ListThird Party Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/90316nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1035794nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2974-1nvdThird Party Advisory
- xenbits.xen.org/xsa/advisory-179.htmlnvdThird Party Advisory
- access.redhat.com/errata/RHSA-2016:1224nvdThird Party Advisory
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvdThird Party AdvisoryVendor Advisory
News mentions
0No linked articles in our index yet.