Все бюллетени/sisyphus/ALT-PU-2018-2536-1
ALT-PU-2018-2536-1

Обновление пакета kernel-modules-virtualbox-addition-std-def в ветке sisyphus

Версия5.2.20-alt1.265806.1
Задание#215247
Опубликовано2018-10-22
Макс. серьёзностьCRITICAL
Серьёзность:

Закрытые проблемы (26)

BDU:2019-00096
CRITICAL9.0

Уязвимость подкомпонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемым данным

Опубликовано: 2019-01-15Изменено: 2021-03-23
CVSS 3.xКРИТИЧЕСКАЯ 9.0
CVSS:3.x/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0КРИТИЧЕСКАЯ 9.0
CVSS:2.0/AV:N/AC:L/Au:S/C:C/I:C/A:C
Ссылки
BDU:2019-00098
HIGH8.6

Уязвимость подкомпонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемым данным

Опубликовано: 2019-01-15Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00099
HIGH8.6

Уязвимость подкомпонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемым данным

Опубликовано: 2019-01-15Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00100
HIGH8.6

Уязвимость подкомпонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю раскрыть защищаемую информацию

Опубликовано: 2019-01-15Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00101
HIGH8.6

Уязвимость подкомпонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю раскрыть защищаемую информацию

Опубликовано: 2019-01-15Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00102
HIGH8.6

Уязвимость подкомпонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю раскрыть защищаемую информацию

Опубликовано: 2019-01-15Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00263
HIGH8.6

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Опубликовано: 2019-01-23Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00264
HIGH8.6

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Опубликовано: 2019-01-23Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00265
HIGH8.6

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Опубликовано: 2019-01-23Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00266
HIGH8.6

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Опубликовано: 2019-01-23Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00267
HIGH8.6

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Опубликовано: 2019-01-23Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00268
HIGH8.6

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Опубликовано: 2019-01-23Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
BDU:2019-00269
HIGH8.6

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Опубликовано: 2019-01-23Изменено: 2021-03-23
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0ВЫСОКАЯ 7.2
CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C
Ссылки
CVE-2018-2909
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3287
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3288
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3289
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3290
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3291
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3292
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3293
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3294
CRITICAL9.0

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 6.0
CVSS:2.0/AV:N/AC:M/Au:S/C:P/I:P/A:P
CVSS 3.xКРИТИЧЕСКАЯ 9.0
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3295
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3296
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3297
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки
CVE-2018-3298
HIGH8.6

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Опубликовано: 2018-10-17Изменено: 2024-11-21
CVSS 2.0СРЕДНЯЯ 4.4
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xВЫСОКАЯ 8.6
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки