openSUSE-SU-2021:0977-1

Опубликовано: 09 окт. 2021

Источник: suse-cvrf

Описание

Security update for virtualbox

This update for virtualbox fixes the following issues:

Update vboxdrv.sh per boo#1186361

Version bump to 6.1.22 (released April 29 2021 by Oracle)

This is a maintenance release. The following items were fixed and/or added:
VMM: Improved performance of 64-bit Windows and Solaris guests when Hyper-V is used on recent Windows 10 hosts
VMM: Fixed frequent crashes of 64-bit Windows Vista and Server 2003 guests when Hyper-V is used
GUI: Fixed regression where user was not able to save unset default shortcuts (bug #20305)
Storage: Fixed regression in LsiLogic SAS controller emulation caused VM crash (bug #20323)
Linux Guest Additions: Fixed issue when it was not possible to run executables from mounted share (bug #20320)
Fixes for CVE-2021-2145 CVE-2021-2250 CVE-2021-2264 CVE-2021-2266 CVE-2021-2279 CVE-2021-2280 CVE-2021-2281 CVE-2021-2282 CVE-2021-2283 CVE-2021-2284 CVE-2021-2285 CVE-2021-2286 CVE-2021-2287 CVE-2021-2291 CVE-2021-2296 CVE-2021-2297 CVE-2021-2306 CVE-2021-2309 CVE-2021-2310 CVE-2021-2312
Improve autostart security boo#1182918.

Список пакетов

openSUSE Leap 15.3

python3-virtualbox-6.1.22-lp153.2.3.2

virtualbox-6.1.22-lp153.2.3.2

virtualbox-devel-6.1.22-lp153.2.3.2

virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

virtualbox-guest-source-6.1.22-lp153.2.3.2

virtualbox-guest-tools-6.1.22-lp153.2.3.2

virtualbox-guest-x11-6.1.22-lp153.2.3.2

virtualbox-host-source-6.1.22-lp153.2.3.2

virtualbox-kmp-default-6.1.22_k5.3.18_59.5-lp153.2.3.2

virtualbox-kmp-preempt-6.1.22_k5.3.18_59.5-lp153.2.3.2

virtualbox-qt-6.1.22-lp153.2.3.2

virtualbox-vnc-6.1.22-lp153.2.3.2

virtualbox-websrv-6.1.22-lp153.2.3.2

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ATNJPOC23AR5PQLUDKUL5FXOOPOM3VDD/
E-Mail link for openSUSE-SU-2021:0977-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1182918
SUSE Bug 1182918
https://bugzilla.suse.com/1186361
SUSE Bug 1186361
https://www.suse.com/security/cve/CVE-2021-2145/
SUSE CVE CVE-2021-2145 page
https://www.suse.com/security/cve/CVE-2021-2250/
SUSE CVE CVE-2021-2250 page
https://www.suse.com/security/cve/CVE-2021-2264/
SUSE CVE CVE-2021-2264 page
https://www.suse.com/security/cve/CVE-2021-2266/
SUSE CVE CVE-2021-2266 page
https://www.suse.com/security/cve/CVE-2021-2279/
SUSE CVE CVE-2021-2279 page
https://www.suse.com/security/cve/CVE-2021-2280/
SUSE CVE CVE-2021-2280 page
https://www.suse.com/security/cve/CVE-2021-2281/
SUSE CVE CVE-2021-2281 page
https://www.suse.com/security/cve/CVE-2021-2282/
SUSE CVE CVE-2021-2282 page
https://www.suse.com/security/cve/CVE-2021-2283/
SUSE CVE CVE-2021-2283 page
https://www.suse.com/security/cve/CVE-2021-2284/
SUSE CVE CVE-2021-2284 page
https://www.suse.com/security/cve/CVE-2021-2285/
SUSE CVE CVE-2021-2285 page
https://www.suse.com/security/cve/CVE-2021-2286/
SUSE CVE CVE-2021-2286 page
https://www.suse.com/security/cve/CVE-2021-2287/
SUSE CVE CVE-2021-2287 page
https://www.suse.com/security/cve/CVE-2021-2291/
SUSE CVE CVE-2021-2291 page
https://www.suse.com/security/cve/CVE-2021-2296/
SUSE CVE CVE-2021-2296 page
https://www.suse.com/security/cve/CVE-2021-2297/
SUSE CVE CVE-2021-2297 page

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2145.html
CVE-2021-2145
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2250.html
CVE-2021-2250
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 8.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2264.html
CVE-2021-2264
https://bugzilla.suse.com/1184542
SUSE Bug 1184542
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2266.html
CVE-2021-2266
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2279.html
CVE-2021-2279
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2280.html
CVE-2021-2280
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2281.html
CVE-2021-2281
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2282.html
CVE-2021-2282
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2283.html
CVE-2021-2283
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2284.html
CVE-2021-2284
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2285.html
CVE-2021-2285
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2286.html
CVE-2021-2286
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2287.html
CVE-2021-2287
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2291.html
CVE-2021-2291
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2296.html
CVE-2021-2296
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2297.html
CVE-2021-2297
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2306.html
CVE-2021-2306
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2309.html
CVE-2021-2309
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2310.html
CVE-2021-2310
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Windows systems only. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-2312.html
CVE-2021-2312
https://bugzilla.suse.com/1185211
SUSE Bug 1185211

Описание

A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Factory virtualbox version 6.1.20-1.1 and prior versions.

Затронутые продукты

openSUSE Leap 15.3:python3-virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-devel-6.1.22-lp153.2.3.2

openSUSE Leap 15.3:virtualbox-guest-desktop-icons-6.1.22-lp153.2.3.2

Ссылки

https://www.suse.com/security/cve/CVE-2021-25319.html
CVE-2021-25319
https://bugzilla.suse.com/1182918
SUSE Bug 1182918

openSUSE-SU-2021:0977-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-2145

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2250

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2264

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2266

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2279

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2280

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2281

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2282

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2283

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2284

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2285

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2286

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2287

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2291

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2296

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2297

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2306

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2309

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-2310

Описание

Затронутые продукты