Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Mageia: 2019-0303 Critical: Oracle VM VirtualBox Security Threats

mageia
Calendar Grey October 23, 2019
Dist Mageia Esm H88
Keep updated with the latest Mageia security patch for VirtualBox tackling severe flaws and their repercussions.
This update provides the upstream 6.0.14 and fixes the following security issues: An easily exploitable vulnerability allows high privileged attacker with logon to the infrastruct...

Summary

This update provides the upstream 6.0.14 and fixes the following security issues:
An easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox (CVE-2019-2926).
An easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access ...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=25577

- https://www.virtualbox.org/wiki/Changelog-6.0#v14

- https://www.oracle.com/security-alerts/cpuoct2019.html

- https://www.cve.org/CVERecord?id=CVE-2019-2926

- https://www.cve.org/CVERecord?id=CVE-2019-2944

- https://www.cve.org/CVERecord?id=CVE-2019-2984

- https://www.cve.org/CVERecord?id=CVE-2019-3002

- https://www.cve.org/CVERecord?id=CVE-2019-3005

- https://www.cve.org/CVERecord?id=CVE-2019-3017

- https://www.cve.org/CVERecord?id=CVE-2019-3021

- https://www.cve.org/CVERecord?id=CVE-2019-3026

- https://www.cve.org/CVERecord?id=CVE-2019-3028

- https://www.cve.org/CVERecord?id=CVE-2019-3031

Topics%20covered

Topics Covered

security advisory VirtualBox Mageia partial denial of service total denial of service Oracle VM

Resolution

SRPMS

- 7/core/virtualbox-6.0.14-1.mga7

- 7/core/kmod-virtualbox-6.0.14-1.mga7

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 23 Oct 2019
URL: https://advisories.mageia.org/MGASA-2019-0303.html
Type: security
CVE: CVE-2019-2926, CVE-2019-2944, CVE-2019-2984, CVE-2019-3002, CVE-2019-3005, CVE-2019-3017, CVE-2019-3021, CVE-2019-3026, CVE-2019-3028, CVE-2019-3031

Topics%20covered

Topics Covered

security advisory VirtualBox Mageia partial denial of service total denial of service Oracle VM

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here