Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
2016-05-11T21:59:02.063
2025-04-12T10:46:40.837
Deferred
CVSSv3.1: 5.5 (MEDIUM)
AV:L/AC:L/Au:N/C:N/I:N/A:P
3.9
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | oracle | vm_server | 3.3 | Yes |
| Operating System | oracle | vm_server | 3.4 | Yes |
| Application | qemu | qemu | ≤ 2.5.1 | Yes |
| Application | qemu | qemu | 2.6.0 | Yes |
| Application | qemu | qemu | 2.6.0 | Yes |
| Application | qemu | qemu | 2.6.0 | Yes |
| Application | qemu | qemu | 2.6.0 | Yes |
| Application | qemu | qemu | 2.6.0 | Yes |
| Operating System | canonical | ubuntu_linux | 12.04 | Yes |
| Operating System | canonical | ubuntu_linux | 14.04 | Yes |
| Operating System | canonical | ubuntu_linux | 15.10 | Yes |
| Operating System | canonical | ubuntu_linux | 16.04 | Yes |
| Operating System | debian | debian_linux | 8.0 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_server | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_server | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 7.3 | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 7.4 | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 7.6 | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 7.7 | Yes |
| Operating System | redhat | enterprise_linux_server_eus | 7.3 | Yes |
| Operating System | redhat | enterprise_linux_server_eus | 7.4 | Yes |
| Operating System | redhat | enterprise_linux_server_eus | 7.5 | Yes |
| Operating System | redhat | enterprise_linux_server_eus | 7.6 | Yes |
| Operating System | redhat | enterprise_linux_server_eus | 7.7 | Yes |
| Operating System | redhat | enterprise_linux_server_tus | 7.3 | Yes |
| Operating System | redhat | enterprise_linux_server_tus | 7.6 | Yes |
| Operating System | redhat | enterprise_linux_server_tus | 7.7 | Yes |
| Operating System | redhat | enterprise_linux_workstation | 6.0 | Yes |
| Operating System | redhat | enterprise_linux_workstation | 7.0 | Yes |
| Application | citrix | xenserver | ≤ 7.0 | Yes |