This update for VirtualBox to version 5.1.36 fixes multiple issues:
Security issues fixed:
- CVE-2018-0739: Unauthorized remote attacker may have caused a hang or
frequently repeatable crash (complete DOS)
- CVE-2018-2830: Attacker with host login may have compromised Virtualbox
or further system services after interaction with a third user
- CVE-2018-2831: Attacker with host login may have compromised VirtualBox
or further system services, allowing read access to some data
- CVE-2018-2835: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2836: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2837: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2842: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2843: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2844: Attacker with host login may have gained control over
VirtualBox and possibly further system services after interacting with a
third user
- CVE-2018-2845: Attacker with host login may have caused a hang or
frequently repeatable crash (complete DOS), and perform unauthorized
read and write operation to some VirtualBox accessible data
- CVE-2018-2860: Privileged attacker may have gained control over
VirtualBox and possibly further system services
<a href=“http://www.oracle.com/technetwork/security-advisory/cpuapr2018verbose-36781”>http://www.oracle.com/technetwork/security-advisory/cpuapr2018verbose-36781</a>
08.html
<a href=“http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html”>http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a>
#AppendixOVIR
This update also contains all upstream fixes and improvements in the
stable 5.1.36 release.