MGASA-2024-0232

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2024-0232.html

Import Source

https://advisories.mageia.org/MGASA-2024-0232.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2024-0232

Related

CVE-2024-21103
CVE-2024-21106
CVE-2024-21107
CVE-2024-21108
CVE-2024-21109
CVE-2024-21110
CVE-2024-21111
CVE-2024-21112
CVE-2024-21113
CVE-2024-21114
CVE-2024-21115
CVE-2024-21116
CVE-2024-21121

Published

2024-06-24T19:04:12Z

Modified

2024-06-24T18:37:34Z

Summary

Updated virtualbox & kmod-virtualbox packages fix security vulnerabilities

Details

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / virtualbox

Package

Name: virtualbox
Purl: pkg:rpm/mageia/virtualbox?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.18-1.mga9

Ecosystem specific

{
    "section": "core"
}

Mageia:9 / kmod-virtualbox

Package

Name: kmod-virtualbox
Purl: pkg:rpm/mageia/kmod-virtualbox?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.18-48.mga9

Ecosystem specific

{
    "section": "core"
}