Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2016:0997-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2016-3710 -- Security Fix(es): * An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process. (CVE-2016-3710) -- SL6 x86_64 qemu-guest-agent-0.12.1.2-2.491.el6_8.1.x86_64.rpm qemu-img-0.12.1.2-2.491.el6_8.1.x86_64.rpm qemu-kvm-0.12.1.2-2.491.el6_8.1.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.1.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.491.el6_8.1.x86_64.rpm i386 qemu-guest-agent-0.12.1.2-2.491.el6_8.1.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.1.i686.rpm - Scientific Linux Development Team