Package : virtualbox-ose
Version : 3.2.10-dfsg-1+squeeze4
CVE ID : CVE-2015-0377 CVE-2015-0418 CVE-2015-3456
Debian Bug : #775888 #785424
Three vulnerabilities have been fixed in the Debian squeeze-lts version of
VirtualBox (package name: virtualbox-ose), a x86 virtualisation solution.
CVE-2015-0377
Avoid VirtualBox allowing local users to affect availability via
unknown vectors related to Core, which might result in denial of
service. (Other issue than CVE-2015-0418).
CVE-2015-0418
Avoid VirtualBox allowing local users to affect availability via
unknown vectors related to Core, which might result in denial of
service. (Other issue than CVE-2015-0377).
CVE-2015-3456
The Floppy Disk Controller (FDC) in QEMU, also used in VirtualBox and
other virtualization products, allowed local guest users to cause a
denial of service (out-of-bounds write and guest crash) or possibly
execute arbitrary code via the (1) FD_CMD_READ_ID, (2)
FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands,
aka VENOM.
--
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
mail: sunweaver@debian.org, http://sunweavers.net
Attachment:
signature.asc
Description: Digital signature