Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

openSUSE Leap 15.4 Advisory: Important VirtualBox Security Update

opensuse
Calendar Grey October 17, 2022
Dist Opensuse Esm H88
A crucial security patch for openSUSE has been released, targeting two vulnerabilities found in VirtualBox. It's essential to implement these updates promptly.
An update that solves two vulnerabilities and has four fixes is now available

Description

This update for virtualbox fixes the following issues:

- Version bump to 6.1.38r86 released by Oracle September 02 2022

This is a maintenance release. The following items were fixed and/or added:

- GUI: Improvements in Native Language Support area

- Main: OVF Export: Added support for exporting VMs containing Virtio-SCSI

controllers - Recording settings: Fixed a regression which could cause not starting

the COM server (VBoxSVC) under certain circumstances (bug #21034)

- Recording: More deterministic naming for recorded files (will now

overwrite old .webm files if present)

- Linux Host and Guest Additions installer: Improved check for systemd

presence in the system (bug #19033)

- Linux Guest Additions: Introduced initial support for kernel 6.0

- Linux Guest Additions: Additional fixes for kernel RHEL 9.1 (bug #21065)

- Windows Guest Additions: Improvements in Drag and Drop area

Fixes permission problem with /dev/vboxuser...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security update system fix important patch openSUSE virtualbox user access issue

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:

zypper in -t patch openSUSE-2022-10152=1

Package List

- openSUSE Leap 15.4 (x86_64):

python3-virtualbox-6.1.38-lp154.2.15.1

python3-virtualbox-debuginfo-6.1.38-lp154.2.15.1

virtualbox-6.1.38-lp154.2.15.1

virtualbox-debuginfo-6.1.38-lp154.2.15.1

virtualbox-debugsource-6.1.38-lp154.2.15.1

virtualbox-devel-6.1.38-lp154.2.15.1

virtualbox-guest-tools-6.1.38-lp154.2.15.1

virtualbox-guest-tools-debuginfo-6.1.38-lp154.2.15.1

virtualbox-kmp-debugsource-6.1.38-lp154.2.15.1

virtualbox-kmp-default-6.1.38_k5.14.21_150400.24.21-lp154.2.15.1

virtualbox-kmp-default-debuginfo-6.1.38_k5.14.21_150400.24.21-lp154.2.15.1

virtualbox-qt-6.1.38-lp154.2.15.1

virtualbox-qt-debuginfo-6.1.38-lp154.2.15.1

virtualbox-vnc-6.1.38-lp154.2.15.1

virtualbox-websrv-6.1.38-lp154.2.15.1

virtualbox-websrv-debuginfo-6.1.38-lp154.2.15.1

- openSUSE Leap 15.4 (noarch):

virtualbox-guest-desktop-icons-6.1.38-lp154.2.15.1

virtualbox-guest-source-6.1.38-lp154.2.15.1

virtualbox-host-source-6.1.38-lp154.2.15.1

References

https://www.suse.com/security/cve/CVE-2022-21554.html

https://www.suse.com/security/cve/CVE-2022-21571.html

https://bugzilla.suse.com/1201720

https://bugzilla.suse.com/1203086

https://bugzilla.suse.com/1203306

https://bugzilla.suse.com/1203370

https://bugzilla.suse.com/1203735

https://bugzilla.suse.com/1204019

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2022:10152-1
Rating: important
Affected Products: openSUSE Leap 15.4 ble.

Topics%20covered

Topics Covered

security advisory security update system fix important patch openSUSE virtualbox user access issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here