DEBIAN-CVE-2016-3710

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/DEBIAN-CVE-2016-3710

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2016-3710.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2016-3710

Upstream

CVE-2016-3710

Published

2016-05-11T21:59:01Z

Modified

2025-09-19T06:18:57Z

Summary

[none]

Details

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

References

https://security-tracker.debian.org/tracker/CVE-2016-3710

Affected packages

Debian:11

qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.6+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12

qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.6+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13

qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.6+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14

qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.6+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}