Lucene search

K
suseSuseOPENSUSE-SU-2018:1057-1
HistoryApr 24, 2018 - 3:20 a.m.

Security update for virtualbox (important)

2018-04-2403:20:04
lists.opensuse.org
68

0.974 High

EPSS

Percentile

99.9%

This update for VirtualBox to version 5.1.36 fixes multiple issues:

Security issues fixed:

  • CVE-2018-0739: Unauthorized remote attacker may have caused a hang or
    frequently repeatable crash (complete DOS)
  • CVE-2018-2830: Attacker with host login may have compromised Virtualbox
    or further system services after interaction with a third user
  • CVE-2018-2831: Attacker with host login may have compromised VirtualBox
    or further system services, allowing read access to some data
  • CVE-2018-2835: Attacker with host login may have gained control over
    VirtualBox and possibly further system services after interacting with a
    third user
  • CVE-2018-2836: Attacker with host login may have gained control over
    VirtualBox and possibly further system services after interacting with a
    third user
  • CVE-2018-2837: Attacker with host login may have gained control over
    VirtualBox and possibly further system services after interacting with a
    third user
  • CVE-2018-2842: Attacker with host login may have gained control over
    VirtualBox and possibly further system services after interacting with a
    third user
  • CVE-2018-2843: Attacker with host login may have gained control over
    VirtualBox and possibly further system services after interacting with a
    third user
  • CVE-2018-2844: Attacker with host login may have gained control over
    VirtualBox and possibly further system services after interacting with a
    third user
  • CVE-2018-2845: Attacker with host login may have caused a hang or
    frequently repeatable crash (complete DOS), and perform unauthorized
    read and write operation to some VirtualBox accessible data
  • CVE-2018-2860: Privileged attacker may have gained control over
    VirtualBox and possibly further system services

<a href=“http://www.oracle.com/technetwork/security-advisory/cpuapr2018verbose-36781”>http://www.oracle.com/technetwork/security-advisory/cpuapr2018verbose-36781</a>
08.html
<a href=“http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html”>http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a>
#AppendixOVIR

This update also contains all upstream fixes and improvements in the
stable 5.1.36 release.

0.974 High

EPSS

Percentile

99.9%