MGASA-2018-0257
- Source
- https://advisories.mageia.org/MGASA-2018-0257.html
- Import Source
- https://advisories.mageia.org/MGASA-2018-0257.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2018-0257
- Related
- Published
- 2018-05-29T19:41:14Z
- Modified
- 2018-05-29T19:05:44Z
- Summary
- Updated virtualbox packages fix security vulnerabilities
- Details
-
This update provides virtualbox 5.2.12 and fixes the following security issues:
Unauthorized remote attacker may have caused a hang or frequently repeatable crash (complete DOS) (CVE-2018-0739).
Attacker with host login may have compromised Virtualbox or further system services after interaction with a third user (CVE-2018-2830).
Attacker with host login may have compromised VirtualBox or further system services, allowing read access to some data (CVE-2018-2831).
Attacker with host login may have gained control over VirtualBox and possibly further system services after interacting with a third user (CVE-2018-2835, CVE-2018-2836, CVE-2018-2837, CVE-2018-2842, CVE-2018-2843, CVE-2018-2844).
Attacker with host login may have caused a hang or frequently repeatable crash (complete DOS), and perform unauthorized read and write operation to some VirtualBox accessible data (CVE-2018-2845).
Privileged attacker may have gained control over VirtualBox and possibly further system services (CVE-2018-2860).
For other fixes in this update, see the referenced changelog
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:6 / virtualbox
Package
- Name
- virtualbox
- Purl
- pkg:rpm/mageia/virtualbox?distro=mageia-6
Mageia:6 / kmod-virtualbox
Package
- Name
- kmod-virtualbox
- Purl
- pkg:rpm/mageia/kmod-virtualbox?distro=mageia-6
Mageia:6 / kmod-vboxadditions
Package
- Name
- kmod-vboxadditions
- Purl
- pkg:rpm/mageia/kmod-vboxadditions?distro=mageia-6