OVAL

CESA-2016:1943 -- centos 5 kvm

ID: oval:org.secpod.oval:def:204011
Date: (C)2016-10-03   (M)2023-12-07
Class: PATCH
Family: unix




KVM is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc.

Security Fix:

* An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process.

* Quick Emulator (QEMU) built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement, which results in unbounded memory allocation on the host controlled by the guest.

Red Hat would like to thank Wei Xiao and Qinghao Tang for reporting CVE-2016-3710 and hongzhenhao for reporting CVE-2016-5403.

Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Platform:
CentOS 5
Product:
kvm
Reference:
CESA-2016:1943
CVE-2016-3710
CVE-2016-5403
CVE (2):
CVE-2016-3710
CVE-2016-5403
CPE (2):
cpe:/a:linux:kvm
cpe:/o:centos:centos:5

© SecPod Technologies