openSUSE-SU-2022:10122-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2022:10122-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2022:10122-1
Upstream
Related
Published
2022-09-16T08:01:40Z
Modified
2026-02-04T03:20:32.005540Z
Summary
Security update for virtualbox
Details

This update for virtualbox fixes the following issues:

  • Remove package virtualbox-guest-x11, which is no longer needed.

  • Fix screen resizing under Wayland (boo#1194126 and boo#1194126)

Version bump to 6.1.36 released by Oracle July 19 2022

This is a maintenance release. The following items were fixed and/or added:

  • VMM: Fixed possible Linux guest kernel crash when configuring Speculative Store Bypass for a single vCPU VM
  • GUI: In the storage page of the virtual machine settings dialog, fixed a bug which disrupted mouse interaction with the native file selector on KDE
  • NAT: Prevent issue when host resolver incorrectly returned NXDOMAIN for unsupported queries (bug #20977)
  • Audio: General improvements in saved state area
  • Recording: Various fixes for settings handling
  • VGA: Performance improvements for screen updates when VBE banking is used
  • USB: Fixed rare crashes when detaching a USB device
  • ATA: Fixed NT4 guests taking a minute to eject CDs
  • vboximg-mount: Fixed broken write support (bug #20896)
  • SDK: Fixed Python bindings incorrectly trying to convert arbitrary byte data into unicode objects with Python 3, causing exceptions (bug #19740)
  • API: Fixed an issue when virtual USB mass storage devices or virtual USB DVD drives are added while the VM is not running are by default not marked as hot-pluggable
  • API: Initial support for Python 3.10
  • API: Solaris OS types cleanup
  • Linux and Solaris hosts: Allow to mount shared folder if it is represented as a symlink on a host side (bug #17491)
  • Linux Host and Guest drivers: Introduced initial support for kernels 5.18, 5.19 and RHEL 9.1 (bugs #20914, #20941)
  • Linux Host and Guest drivers: Better support for kernels built with clang compiler (bugs #20425 and #20998)
  • Solaris Guest Additions: General improvements in installer area
  • Solaris Guest Additions: Fixed guest screen resize in VMSVGA graphics configuration
  • Linux and Solaris Guest Additions: Fixed multi-screen handling in VBoxVGA and VBoxSVGA graphics configuration
  • Linux and Solaris Guest Additions: Added support for setting primary screen via VBoxManage
  • Linux and Solaris Guest Additions: Fixed X11 resources leak when resizing guest screens
  • Linux and Solaris Guest Additions: Fixed file descriptor leak when starting a process using guest control (bug #20902)
  • Linux and Solaris Guest Additions: Fixed guest control executing processes as root
  • Linux Guest Additions: Improved guests booting time by preventing kernel modules from being rebuilt when it is not necessary (bug #20502)
  • Windows Guest Additions: Fixed VBoxTray crash on startup in NT4 guests on rare circumstances
  • Fixes CVE-2022-21571) VUL-0: CVE-2022-21571,CVE-2022-21554 - boo#1201720
References

Affected packages

openSUSE:Leap 15.3 / virtualbox

Package

Name
virtualbox
Purl
pkg:rpm/opensuse/virtualbox&distro=openSUSE%20Leap%2015.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.36-lp153.2.33.2

Ecosystem specific 

{
    "binaries": [
        {
            "virtualbox-vnc": "6.1.36-lp153.2.33.2",
            "python3-virtualbox": "6.1.36-lp153.2.33.2",
            "virtualbox-guest-tools": "6.1.36-lp153.2.33.2",
            "virtualbox-guest-source": "6.1.36-lp153.2.33.2",
            "virtualbox-host-source": "6.1.36-lp153.2.33.2",
            "virtualbox-guest-desktop-icons": "6.1.36-lp153.2.33.2",
            "virtualbox-devel": "6.1.36-lp153.2.33.2",
            "virtualbox-qt": "6.1.36-lp153.2.33.2",
            "virtualbox": "6.1.36-lp153.2.33.2",
            "virtualbox-kmp-preempt": "6.1.36_k5.3.18_150300.59.90-lp153.2.33.2",
            "virtualbox-kmp-default": "6.1.36_k5.3.18_150300.59.90-lp153.2.33.2",
            "virtualbox-websrv": "6.1.36-lp153.2.33.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2022:10122-1.json"

openSUSE:Leap 15.3 / virtualbox-kmp

Package

Name
virtualbox-kmp
Purl
pkg:rpm/opensuse/virtualbox-kmp&distro=openSUSE%20Leap%2015.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.36-lp153.2.33.2

Ecosystem specific 

{
    "binaries": [
        {
            "virtualbox-vnc": "6.1.36-lp153.2.33.2",
            "python3-virtualbox": "6.1.36-lp153.2.33.2",
            "virtualbox-guest-tools": "6.1.36-lp153.2.33.2",
            "virtualbox-guest-source": "6.1.36-lp153.2.33.2",
            "virtualbox-host-source": "6.1.36-lp153.2.33.2",
            "virtualbox-guest-desktop-icons": "6.1.36-lp153.2.33.2",
            "virtualbox-devel": "6.1.36-lp153.2.33.2",
            "virtualbox-qt": "6.1.36-lp153.2.33.2",
            "virtualbox": "6.1.36-lp153.2.33.2",
            "virtualbox-kmp-preempt": "6.1.36_k5.3.18_150300.59.90-lp153.2.33.2",
            "virtualbox-kmp-default": "6.1.36_k5.3.18_150300.59.90-lp153.2.33.2",
            "virtualbox-websrv": "6.1.36-lp153.2.33.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2022:10122-1.json"