Bug 1154166 – VUL-0: virtualbox: Oracle 2019 October CPU

Bug 1154166 - VUL-0: virtualbox: Oracle 2019 October CPU


Summary:	VUL-0: virtualbox: Oracle 2019 October CPU

Status:	RESOLVED FIXED

Classification:	openSUSE
Product:	openSUSE Distribution
Classification:	openSUSE
Component:	Security
Version:	Leap 15.0
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal (vote)
Target Milestone:	---
Assigned To:	Larry Finger
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2019-10-16 07:38 UTC by Robert Frohl
Modified:	2019-10-18 16:14 UTC (History)
CC List:	0 users

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert Frohl 2019-10-16 07:38:23 UTC

virtualbox: Oracle Virtualization Risk Matrix

This Critical Patch Update contains 11 new security patches for Oracle Virtualization.  None of these vulnerabilities may be remotely exploitable without authentication, i.e., none may be exploited over a network without requiring user credentials.  

CVE-2019-3028
CVE-2019-3017
CVE-2019-2944
CVE-2019-3026
CVE-2019-3021
CVE-2019-2984
CVE-2019-3002
CVE-2019-3005
CVE-2019-3031
CVE-2019-1547
CVE-2019-2926

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixOVIR

Comment 1 Robert Frohl 2019-10-16 07:39:23 UTC

affecting version prior to 5.2.34 and prior to 6.0.14

Comment 2 Larry Finger 2019-10-18 16:14:20 UTC

Version 6.0.14 has been submitted to Factory.