Alerts This Week
Warning Icon 1 684
Alerts This Week
Warning Icon 1 684

openSUSE 15.4: SUSE-SU-2023:0351-1 Important: VirtualBox Security Fix

opensuse
Calendar Grey November 4, 2023
Dist Opensuse Esm H88
An enhancement for openSUSE enhances VirtualBox by addressing three critical security flaws. Discover further details about it.
An update that fixes three vulnerabilities is now available

Description

This update for virtualbox fixes the following issues:

- Version bump to VirtualBox 7.0.12 (released October 17 2023 by Oracle)

Fixes the following:

- CVE-2023-22098 (boo#1216363)

- CVE-2023-22099 (boo#1216364)

- CVE-2023-22100 (boo#1216365)

This is a maintenance release. The following items were fixed and/or added:

- VMM: Fixed using a debugger inside the guest under certain circumstances

(bugs #21413 and #21546)

- VMM: Fixed detection of VT-x being used by other hypervisors (bug #21867)

- VMM: Introduced additional improvements in Split Lock Detection feature

of recent Intel CPUs on Linux hosts (bug #20180)

- GUI: Fixed issue when the nested hardware virtualization setting was not

displayed in the VM details panel (bug #21707)

- GUI: Introduced NLS update for Croatian, Indonesian, Italian, Japanese,

Korean, Dutch and Turkish languages as well as added general

look-and-feel improvements

- Devices: Fixed...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory important software maintenance openSUSE virtualbox

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:

zypper in -t patch openSUSE-2023-351=1

Package List

- openSUSE Leap 15.4 (x86_64):

python3-virtualbox-7.0.12-lp154.2.43.1

python3-virtualbox-debuginfo-7.0.12-lp154.2.43.1

virtualbox-7.0.12-lp154.2.43.1

virtualbox-debuginfo-7.0.12-lp154.2.43.1

virtualbox-debugsource-7.0.12-lp154.2.43.1

virtualbox-devel-7.0.12-lp154.2.43.1

virtualbox-guest-tools-7.0.12-lp154.2.43.1

virtualbox-guest-tools-debuginfo-7.0.12-lp154.2.43.1

virtualbox-kmp-debugsource-7.0.12-lp154.2.43.1

virtualbox-kmp-default-7.0.12_k5.14.21_150400.24.92-lp154.2.43.1

virtualbox-kmp-default-debuginfo-7.0.12_k5.14.21_150400.24.92-lp154.2.43.1

virtualbox-qt-7.0.12-lp154.2.43.1

virtualbox-qt-debuginfo-7.0.12-lp154.2.43.1

virtualbox-vnc-7.0.12-lp154.2.43.1

virtualbox-websrv-7.0.12-lp154.2.43.1

virtualbox-websrv-debuginfo-7.0.12-lp154.2.43.1

- openSUSE Leap 15.4 (noarch):

virtualbox-guest-desktop-icons-7.0.12-lp154.2.43.1

virtualbox-guest-source-7.0.12-lp154.2.43.1

virtualbox-host-source-7.0.12-lp154.2.43.1

References

https://www.suse.com/security/cve/CVE-2023-22098.html

https://www.suse.com/security/cve/CVE-2023-22099.html

https://www.suse.com/security/cve/CVE-2023-22100.html

https://bugzilla.suse.com/1216363

https://bugzilla.suse.com/1216364

https://bugzilla.suse.com/1216365

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2023:0351-1
Rating: important
Affected Products: openSUSE Leap 15.4 .

Topics%20covered

Topics Covered

security advisory important software maintenance openSUSE virtualbox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here