cvedb.io
CVE-2016-3710
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2016-05-11T21:59:01.077 · Last modified 2026-06-17T00:46:13.780

Summary

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

Affected products

debian — debian_linux

Does this affect you?

Add your gear to cvedb and we'll alert you only when debian ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.