[Bug 1231739] New: VUL-0: CVE-2024-21253: virtualbox: a partial denial of service of Oracle VM VirtualBox can be caused by a high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes
https://bugzilla.suse.com/show_bug.cgi?id=1231739 Bug ID: 1231739 Summary: VUL-0: CVE-2024-21253: virtualbox: a partial denial of service of Oracle VM VirtualBox can be caused by a high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/424151/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: jengelh@inai.de Reporter: smash_bz@suse.de QA Contact: security-team@suse.de CC: camila.matos@suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.22. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 2.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). References: https://www.oracle.com/security-alerts/cpuoct2024.html http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21253 https://www.cve.org/CVERecord?id=CVE-2024-21253 https://bugzilla.redhat.com/show_bug.cgi?id=2318893 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1231739 SMASH SMASH <smash_bz@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com