Mageia: 2019-0151 Moderate: Oracle VM VirtualBox Security Issues Diagnosis

mageia

May 4, 2019

This update provides an update to the new Virtualbox 6.0 branch, currently 6.0.6

Summary

This update provides an update to the new Virtualbox 6.0 branch, currently 6.0.6. It also fixes the following security issues.
Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data (CVE-2019-2574).
Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox (CVE-2019-2656, CVE-2019-2657, CVE-2019-2680, ...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=24683

- https://www.oracle.com/security-alerts/cpuapr2019.html

- https://www.cve.org/CVERecord?id=CVE-2019-2574

- https://www.cve.org/CVERecord?id=CVE-2019-2656

- https://www.cve.org/CVERecord?id=CVE-2019-2657

- https://www.cve.org/CVERecord?id=CVE-2019-2678

- https://www.cve.org/CVERecord?id=CVE-2019-2679

- https://www.cve.org/CVERecord?id=CVE-2019-2680

- https://www.cve.org/CVERecord?id=CVE-2019-2690

- https://www.cve.org/CVERecord?id=CVE-2019-2696

- https://www.cve.org/CVERecord?id=CVE-2019-2703

- https://www.cve.org/CVERecord?id=CVE-2019-2721

- https://www.cve.org/CVERecord?id=CVE-2019-2722

- https://www.cve.org/CVERecord?id=CVE-2019-2723

Topics Covered

security advisory update DoS threat access breach data compromise Mageia Oracle VM VirtualBox

Resolution

SRPMS

- 6/core/kmod-vboxadditions-6.0.6-1.mga6

- 6/core/kmod-virtualbox-6.0.6-1.mga6

- 6/core/virtualbox-6.0.6-1.mga6

Severity

important

Lowest

Low

Medium

High

Critical

Publication date: 04 May 2019

URL: https://advisories.mageia.org/MGASA-2019-0151.html

Type: security

CVE: CVE-2019-2574, CVE-2019-2656, CVE-2019-2657, CVE-2019-2678, CVE-2019-2679, CVE-2019-2680, CVE-2019-2690, CVE-2019-2696, CVE-2019-2703, CVE-2019-2721, CVE-2019-2722, CVE-2019-2723

Topics Covered

security advisory update DoS threat access breach data compromise Mageia Oracle VM VirtualBox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia: 2019-0151 Moderate: Oracle VM VirtualBox Security Issues Diagnosis

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia: 2019-0151 Moderate: Oracle VM VirtualBox Security Issues Diagnosis

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!