Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Mageia: MGASA-2019-0216 Moderate: Oracle VM VirtualBox Security Update

mageia
Calendar Grey July 27, 2019
Dist Mageia Esm H88
The security notification MGASA-2019-0216 discusses vulnerabilities present in Oracle VM VirtualBox, which could lead to potential data breaches.
OpenSSL versions 1.1.0 through 1.1.0j and 1.1.1 through 1.1.1b are susceptible to a vulnerability that could lead to disclosure of sensitive information or the addition or modifica...

Summary

OpenSSL versions 1.1.0 through 1.1.0j and 1.1.1 through 1.1.1b are susceptible to a vulnerability that could lead to disclosure of sensitive information or the addition or modification of data (CVE-2019-1543).
Oracle VM VirtualBox prior to 6.0.10 has an easily exploitable vulnerability that allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox (CVE-2019-2848).
Oracle VM VirtualBox prior to 6.0.10 has an easily exploitable vulnerability that allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other t...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=25161

- https://www.oracle.com/security-alerts/cpujul2019.html

- https://www.cve.org/CVERecord?id=CVE-2019-1543

- https://www.cve.org/CVERecord?id=CVE-2019-2848

- https://www.cve.org/CVERecord?id=CVE-2019-2850

- https://www.cve.org/CVERecord?id=CVE-2019-2859

- https://www.cve.org/CVERecord?id=CVE-2019-2863

- https://www.cve.org/CVERecord?id=CVE-2019-2864

- https://www.cve.org/CVERecord?id=CVE-2019-2865

- https://www.cve.org/CVERecord?id=CVE-2019-2866

- https://www.cve.org/CVERecord?id=CVE-2019-2867

- https://www.cve.org/CVERecord?id=CVE-2019-2873

- https://www.cve.org/CVERecord?id=CVE-2019-2874

- https://www.cve.org/CVERecord?id=CVE-2019-2875

- https://www.cve.org/CVERecord?id=CVE-2019-2876

- https://www.cve.org/CVERecord?id=CVE-2019-2877

Topics%20covered

Topics Covered

security advisory information disclosure data compromise Mageia partial denial of service Oracle VM VirtualBox

Resolution

SRPMS

- 7/core/virtualbox-6.0.10-1.mga7

- 7/core/kmod-virtualbox-6.0.10-1.mga7

- 6/core/virtualbox-6.0.10-1.mga6

- 6/core/kmod-virtualbox-6.0.10-1.mga6

- 6/core/kmod-vboxadditions-6.0.10-1.mga6

Publication date: 27 Jul 2019
URL: https://advisories.mageia.org/MGASA-2019-0216.html
Type: security
CVE: CVE-2019-1543, CVE-2019-2848, CVE-2019-2850, CVE-2019-2859, CVE-2019-2863, CVE-2019-2864, CVE-2019-2865, CVE-2019-2866, CVE-2019-2867, CVE-2019-2873, CVE-2019-2874, CVE-2019-2875, CVE-2019-2876, CVE-2019-2877

Topics%20covered

Topics Covered

security advisory information disclosure data compromise Mageia partial denial of service Oracle VM VirtualBox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here