{"id":"MGASA-2024-0232","summary":"Updated virtualbox & kmod-virtualbox packages fix security vulnerabilities","details":"Vulnerability in the Oracle VM VirtualBox product of Oracle\nVirtualization (component: Core). Supported versions that are affected\nare Prior to 7.0.16. Easily exploitable vulnerability allows low\nprivileged attacker with logon to the infrastructure where Oracle VM\nVirtualBox executes to compromise Oracle VM VirtualBox. Successful\nattacks of this vulnerability can result in takeover of Oracle VM\nVirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS\n3.1 Base Score 7.8 (Confidentiality, Integrity and Availability\nimpacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).\n","modified":"2026-03-25T17:45:15.695230Z","published":"2024-06-24T19:04:12Z","related":["CVE-2024-21103","CVE-2024-21106","CVE-2024-21107","CVE-2024-21108","CVE-2024-21109","CVE-2024-21110","CVE-2024-21111","CVE-2024-21112","CVE-2024-21113","CVE-2024-21114","CVE-2024-21115","CVE-2024-21116","CVE-2024-21121"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0232.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33273"},{"type":"REPORT","url":"https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixOVIR"},{"type":"REPORT","url":"https://www.virtualbox.org/wiki/Changelog-7.0#v16"},{"type":"REPORT","url":"https://www.virtualbox.org/wiki/Changelog-7.0#v18"}],"affected":[{"package":{"name":"virtualbox","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/virtualbox?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.0.18-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0232.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.0.18-48.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0232.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}