Bug 1191869 - (CVE-2021-35538) VUL-0: CVE-2021-35538: virtualbox: Oracle Critical Patch Update Advisory - October 2021
(CVE-2021-35538)
VUL-0: CVE-2021-35538: virtualbox: Oracle Critical Patch Update Advisory - Oc...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Basesystem
Leap 15.3
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Larry Finger
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-10-20 12:57 UTC by Alexander Bergmann
Modified: 2021-10-31 20:20 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2021-10-20 12:57:44 UTC
https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixOVIR

VirtualBox prior to 6.1.28

* CVE-2021-35538
* CVE-2021-35545
* CVE-2021-35540
* CVE-2021-35542
* CVE-2021-2475
Comment 1 Larry Finger 2021-10-21 17:56:24 UTC
VirtualBox 6.1.28 has been sent to Factory. Leap versions to follow soon.
Comment 2 OBSbugzilla Bot 2021-10-21 22:40:16 UTC
This is an autogenerated message for OBS integration:
This bug (1191869) was mentioned in
https://build.opensuse.org/request/show/926831 15.3 / virtualbox
https://build.opensuse.org/request/show/926833 15.2 / virtualbox
Comment 3 Larry Finger 2021-10-22 16:05:13 UTC
As version 6.1.28 has been sent to openSUSE Factory (Tumbleweed), Leap 15.2, and Leap 15.3, I am closing this BUG as fixed.
Comment 4 Swamp Workflow Management 2021-10-26 13:22:06 UTC
openSUSE-SU-2021:1393-1: An update that fixes 5 vulnerabilities is now available.

Category: security (important)
Bug References: 1191104,1191526,1191869
CVE References: CVE-2021-2475,CVE-2021-35538,CVE-2021-35540,CVE-2021-35542,CVE-2021-35545
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    virtualbox-6.1.28-lp153.2.12.1, virtualbox-kmp-6.1.28-lp153.2.12.1
Comment 5 Swamp Workflow Management 2021-10-31 20:20:50 UTC
openSUSE-SU-2021:1403-1: An update that fixes 5 vulnerabilities is now available.

Category: security (important)
Bug References: 1191104,1191526,1191869
CVE References: CVE-2021-2475,CVE-2021-35538,CVE-2021-35540,CVE-2021-35542,CVE-2021-35545
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    virtualbox-6.1.28-lp152.2.38.1, virtualbox-kmp-6.1.28-lp152.2.38.1