CVE-2016-9603

Name: CVE-2016-9603
Creator: NVD / NIST
Published: 2018-07-27T21:29:00.29+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 4.45%

Last modified Jun 17, 2026

CVE-2016-9603 is a vulnerability of currently unknown severity. A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.. EPSS estimates a 4.45% chance of exploitation in the next 30 days.

Description

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

Metrics

EPSS Probability

4.45%

90.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions	Update
Qemu	Qemu	< 2.9.0	—
Citrix	Xenserver	6.0.2	—
Citrix	Xenserver	6.2.0	Sp1
Citrix	Xenserver	6.5	Sp1
Citrix	Xenserver	7.0	—
Citrix	Xenserver	7.1	—
Redhat	Openstack	5.0	—
Redhat	Openstack	6.0	—
Redhat	Openstack	7.0	—
Redhat	Openstack	8	—
Redhat	Openstack	9	—
Redhat	Openstack	10	—
Debian	Debian Linux	7.0	—
Redhat	Enterprise Linux Desktop	6.0	—
Redhat	Enterprise Linux Desktop	7.0	—
Redhat	Enterprise Linux Server	6.0	—
Redhat	Enterprise Linux Server	7.0	—
Redhat	Enterprise Linux Server Aus	7.3	—
Redhat	Enterprise Linux Server Aus	7.4	—
Redhat	Enterprise Linux Server Eus	7.3	—
Redhat	Enterprise Linux Server Eus	7.4	—
Redhat	Enterprise Linux Server Eus	7.5	—
Redhat	Enterprise Linux Workstation	6.0	—
Redhat	Enterprise Linux Workstation	7.0	—

References

http://www.securityfocus.com/bid/96893Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1038023Third Party Advisory, VDB Entry
https://access.redhat.com/errata/RHSA-2017:0980Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0981Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0982Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0983Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0984Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0985Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0987Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0988Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1205Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1206Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1441Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9603Issue Tracking, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/02/msg00005.htmlThird Party Advisory
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
https://security.gentoo.org/glsa/201706-03Third Party Advisory
https://support.citrix.com/article/CTX221578Third Party Advisory
http://www.securityfocus.com/bid/96893Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1038023Third Party Advisory, VDB Entry
https://access.redhat.com/errata/RHSA-2017:0980Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0981Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0982Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0983Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0984Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0985Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0987Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0988Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1205Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1206Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1441Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9603Issue Tracking, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/02/msg00005.htmlThird Party Advisory
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
https://security.gentoo.org/glsa/201706-03Third Party Advisory
https://support.citrix.com/article/CTX221578Third Party Advisory

Timeline

Published: Jul 27, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-9603?

How severe is CVE-2016-9603?

Severity scoring for CVE-2016-9603 is pending analysis. The EPSS model estimates a 4.45% probability of exploitation in the next 30 days.

How do I fix CVE-2016-9603?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-9603?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST