Gentoo FoundationMGASA-2015-0415Updated virtualbox packages fix security vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
83.5%
A vulnerability in the Oracle VM VirtualBox component prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32 and 5.0.8. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). Note: Only Windows guests are impacted, and Windows guests without VirtualBox Guest Additions installed are not affected (CVE-2015-4813). A vulnerability in the Oracle VM VirtualBox component prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32 and 5.0.8. Easily exploitable vulnerability allows successful unauthenticated network attacks. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). Note: Only VMs with Remote Display feature (RDP) enabled are impacted (CVE-2015-4896). For other fixes in this update, see the referenced changelog.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | kmod-vboxadditions | < 5.0.8-1 | kmod-vboxadditions-5.0.8-1.mga5 |
| Mageia | 5 | noarch | kmod-virtualbox | < 5.0.8-1 | kmod-virtualbox-5.0.8-1.mga5 |
| Mageia | 5 | noarch | virtualbox | < 5.0.8-1 | virtualbox-5.0.8-1.mga5 |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
83.5%