1 |
type: security |
2 |
subject: Updated virtualbox packages fixes security vulnerabilities |
3 |
CVE: |
4 |
- CVE-2016-5545 |
5 |
- CVE-2017-3290 |
6 |
- CVE-2017-3316 |
7 |
- CVE-2017-3332 |
8 |
- CVE-2017-3538 |
9 |
src: |
10 |
5: |
11 |
core: |
12 |
- kmod-vboxadditions-5.1.18-1.mga5 |
13 |
- kmod-virtualbox-5.1.18-1.mga5 |
14 |
- virtualbox-5.1.18-1.mga5 |
15 |
description: | |
16 |
This update provides virtualbox 5.1.18 maintenance release and resolves |
17 |
atleast the following security issues: |
18 |
|
19 |
A vulnerability in the GUI subcomponent of virtualbox allows unauthenticated |
20 |
attacker unauthorized update, insert or delete access to some data as well |
21 |
as unauthorized read access to a subset of VirtualBox accessible data and |
22 |
unauthorized ability to cause a partial denial of service (bsc#1020856) |
23 |
(CVE-2016-5545). |
24 |
|
25 |
A vulnerability in the Shared Folder subcomponent of virtualbox allows high |
26 |
privileged attacker unauthorized creation, deletion or modification access |
27 |
to critical data and unauthorized ability to cause a hang or frequently |
28 |
repeatable crash (bsc#1020856) (CVE-2017-3290). |
29 |
|
30 |
A vulnerability in the GUI subcomponent of virtualbox allows high privileged |
31 |
attacker with network access via multiple protocols to compromise virtualbox |
32 |
(bsc#1020856) (CVE-2017-3316). |
33 |
|
34 |
A vulnerability in the SVGA Emulation subcomponent of virtualbox allows low |
35 |
privileged attacker unauthorized creation, deletion or modification access |
36 |
to critical data and unauthorized ability to cause a hang or frequently |
37 |
repeatable crash (bsc#1020856) (CVE-2017-3332). |
38 |
|
39 |
A vulnerability in the Shared Folder subcomponent of virtualbox allows high |
40 |
privileged attacker unauthorized creation, deletion or modification access |
41 |
to critical data and unauthorized access to critical data to all virtualbox |
42 |
accessible data (CVE-2017-3538). |
43 |
|
44 |
For other fixes in this update, see the referenced changelog. |
45 |
references: |
46 |
- https://bugs.mageia.org/show_bug.cgi?id=20222 |
47 |
- https://www.virtualbox.org/wiki/Changelog |
48 |
ID: MGASA-2017-0078 |