virtualbox - security update

2015-09-1300:00:00

Google

osv.dev

6.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:C/I:C/A:C

JSON

This update fixes an unspecified security issue in VirtualBox related to
guests using bridged networking via WiFi. Oracle no longer provides
information on specific security vulnerabilities in VirtualBox. To still
support users of the already released Debian releases we’ve decided to
update these to the respective 4.1.40 and 4.3.30 bugfix releases.

For the oldstable distribution (wheezy), this problem has been fixed
in version 4.1.40-dfsg-1+deb7u1.

For the stable distribution (jessie), this problem has been fixed in
version 4.3.30-dfsg-1+deb8u1.

For the testing distribution (stretch), this problem has been fixed
in version 4.3.30-dfsg-1.

For the unstable distribution (sid), this problem has been fixed in
version 4.3.30-dfsg-1.

We recommend that you upgrade your virtualbox packages.

CPENameOperatorVersion
virtualboxeq4.2.16-dfsg-1
virtualboxeq4.1.2-dfsg-1
virtualboxeq4.3.14-dfsg-1
virtualboxeq4.3.6-dfsg-2
virtualboxeq4.3.18-dfsg-3+deb8u2
virtualboxeq4.0.10-dfsg-1~bpo60+2
virtualboxeq4.3.26-dfsg-2
virtualboxeq4.2.10-dfsg-1~bpo70+1
virtualboxeq4.1.0-dfsg-1
virtualboxeq4.3.12-dfsg-1~bpo70+1

Name	Operator	Version
virtualbox	eq	4.2.16-dfsg-1
virtualbox	eq	4.1.2-dfsg-1
virtualbox	eq	4.3.14-dfsg-1
virtualbox	eq	4.3.6-dfsg-2
virtualbox	eq	4.3.18-dfsg-3+deb8u2
virtualbox	eq	4.0.10-dfsg-1~bpo60+2
virtualbox	eq	4.3.26-dfsg-2
virtualbox	eq	4.2.10-dfsg-1~bpo70+1
virtualbox	eq	4.1.0-dfsg-1
virtualbox	eq	4.3.12-dfsg-1~bpo70+1