Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Mageia 8: 2021-0488 High Risk: VirtualBox Denial Of Service Issue

mageia
Calendar Grey October 23, 2021
Dist Mageia Esm H88
Mageia's update 2021-0488 tackles critical security issues in VirtualBox, essential for preventing arbitrary code execution and protecting user systems
This update provides the upstream 6.1.28 maintenance release that fixes atleast the following security vulnerabilities: Vulnerability in the Oracle VM VirtualBox prior to 6.1.28 c...

Summary

This update provides the upstream 6.1.28 maintenance release that fixes atleast the following security vulnerabilities:
Vulnerability in the Oracle VM VirtualBox prior to 6.1.28 contains an easily exploitable vulnerability that allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox (CVE-2021-2475, CVE-2021-35542).
Vulnerability in the Oracle VM VirtualBox prior to 6.1.28 contains an easily exploitable vulnerability that allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox (CVE-2021-35538).
Vulnerability in the Oracle VM VirtualBox prior to 6.1.28 contains an easily exploitabl...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=29566

- https://www.virtualbox.org/wiki/Changelog-6.1#v28

- https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixOVIR

- https://www.cve.org/CVERecord?id=CVE-2021-2475

- https://www.cve.org/CVERecord?id=CVE-2021-35538

- https://www.cve.org/CVERecord?id=CVE-2021-35540

- https://www.cve.org/CVERecord?id=CVE-2021-35542

- https://www.cve.org/CVERecord?id=CVE-2021-35545

Topics%20covered

Topics Covered

security advisory security issue DoS high risk VirtualBox Mageia

Resolution

SRPMS

- 8/core/virtualbox-6.1.28-1.mga8

- 8/core/kmod-virtualbox-6.1.28-1.mga8

Publication date: 23 Oct 2021
URL: https://advisories.mageia.org/MGASA-2021-0488.html
Type: security
CVE: CVE-2021-2475, CVE-2021-35538, CVE-2021-35540, CVE-2021-35542, CVE-2021-35545

Topics%20covered

Topics Covered

security advisory security issue DoS high risk VirtualBox Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here