8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
An update that fixes two vulnerabilities is now available.
Description:
This update for virtualbox fixes the following issues:
Version update to 6.1.18 (released January 19 2021)
This is a maintenance release. The following items were fixed and/or added:
Nested VM: Fixed hangs when executing SMP nested-guests under certain
conditions on Intel hosts (bug #19315, #19561)
OCI integration: Cloud Instance parameters parsing is improved on import
(bug #19156)
Network: UDP checksum offloading in e1000 no longer produces zero
checksums (bug #19930)
Network: Fixed Host-Only Ethernet Adapter DHCP, guest os can not get IP
on host resume (bug #19620)
NAT: Fixed mss parameter handing (bug #15256)
macOS host: Multiple optimizations for BigSur
Audio: Fixed issues with audio playback after host goes to sleep (bug
#18594)
Documentation: Some content touch-up and table formatting fixes
Linux host and guest: Support kernel version 5.10 (bug #20055)
Solaris host: Fix regression breaking VGA text mode since version 6.1.0
Guest Additions: Fixed a build failure affecting CentOS 8.2-2004 and
later (bug #20091)
Guest Additions: Fixed a build failure affecting Linux kernels 3.2.0
through 3.2.50 (bug #20006)
Guest Additions: Fixed a VM segfault on copy with shared clipboard with
X11 (bug #19226)
Shared Folder: Fixed error with remounting on Linux guests
Fixes CVE-2021-2074, boo#1181197 and CVE-2021-2129, boo#1181198.
Disable build of guest modules. These are included in recent kernels
Fix additional mouse control dialog issues.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-165=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 15.2 | noarch | < - openSUSE Leap 15.2 (noarch): | - openSUSE Leap 15.2 (noarch):.noarch.rpm | |
openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (x86_64): | - openSUSE Leap 15.2 (x86_64):.x86_64.rpm |
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P