Gentoo FoundationMGASA-2016-0226Updated virtualbox packages fix security vulnerability
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
4.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
21.7%
This update provides virtualbox 5.0.20 maintenance release, and fixes the following security issue: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core. (CVE-2016-0678) For other fixes in this update, see the referenced changelog.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | kmod-vboxadditions | < 5.0.20-3 | kmod-vboxadditions-5.0.20-3.mga5 |
| Mageia | 5 | noarch | kmod-virtualbox | < 5.0.20-3 | kmod-virtualbox-5.0.20-3.mga5 |
| Mageia | 5 | noarch | virtualbox | < 5.0.20-1.1 | virtualbox-5.0.20-1.1.mga5 |
Related
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
4.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
21.7%