Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2016:0724-1 Issue Date: 2016-05-09 CVE Numbers: CVE-2016-3710 -- Security Fix(es): * An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process. (CVE-2016-3710) -- SL7 x86_64 libcacard-1.5.3-105.el7_2.4.i686.rpm libcacard-1.5.3-105.el7_2.4.x86_64.rpm qemu-img-1.5.3-105.el7_2.4.x86_64.rpm qemu-kvm-1.5.3-105.el7_2.4.x86_64.rpm qemu-kvm-common-1.5.3-105.el7_2.4.x86_64.rpm qemu-kvm-debuginfo-1.5.3-105.el7_2.4.i686.rpm qemu-kvm-debuginfo-1.5.3-105.el7_2.4.x86_64.rpm qemu-kvm-tools-1.5.3-105.el7_2.4.x86_64.rpm libcacard-devel-1.5.3-105.el7_2.4.i686.rpm libcacard-devel-1.5.3-105.el7_2.4.x86_64.rpm libcacard-tools-1.5.3-105.el7_2.4.x86_64.rpm - Scientific Linux Development Team