Bugzilla – Bug 976636
VUL-0: CVE-2016-0678: virtualbox: Unspecified vulnerability in the Oracle VM VirtualBox
Last modified: 2016-05-31 17:08:08 UTC
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle
Virtualization VirtualBox before 5.0.18 allows local users to affect
confidentiality, integrity, and availability via vectors related to Core.
This vulnerability is fixed in VirtualBox version 5.0.18, which is currently building on Factory. It will soon be submitted to the Leap 42.1 Update repo.
At the moment, no fix is available for VB 4.3.X, which is used by openSUSE 13.2. Perhaps it is time to switch to 5.0.X for 13.2.
bugbot adjusting priority
VB version 5.0.18 fixes thos vulnerability. It has been submitted to OBS for TW, Leap 42.1 and openSUSE 13.2.
openSUSE-SU-2016:1451-1: An update that solves one vulnerability and has two fixes is now available.
Category: security (moderate)
Bug References: 976636,977200,977328
CVE References: CVE-2016-0678
openSUSE Leap 42.1 (src): virtualbox-5.0.18-16.1