{"affected":[{"ecosystem_specific":{"binaries":[{"python3-virtualbox":"7.0.12-lp155.2.13.1","virtualbox":"7.0.12-lp155.2.13.1","virtualbox-devel":"7.0.12-lp155.2.13.1","virtualbox-guest-desktop-icons":"7.0.12-lp155.2.13.1","virtualbox-guest-source":"7.0.12-lp155.2.13.1","virtualbox-guest-tools":"7.0.12-lp155.2.13.1","virtualbox-host-source":"7.0.12-lp155.2.13.1","virtualbox-kmp-default":"7.0.12_k5.14.21_150500.55.31-lp155.2.13.1","virtualbox-qt":"7.0.12-lp155.2.13.1","virtualbox-vnc":"7.0.12-lp155.2.13.1","virtualbox-websrv":"7.0.12-lp155.2.13.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"virtualbox","purl":"pkg:rpm/opensuse/virtualbox&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.0.12-lp155.2.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-virtualbox":"7.0.12-lp155.2.13.1","virtualbox":"7.0.12-lp155.2.13.1","virtualbox-devel":"7.0.12-lp155.2.13.1","virtualbox-guest-desktop-icons":"7.0.12-lp155.2.13.1","virtualbox-guest-source":"7.0.12-lp155.2.13.1","virtualbox-guest-tools":"7.0.12-lp155.2.13.1","virtualbox-host-source":"7.0.12-lp155.2.13.1","virtualbox-kmp-default":"7.0.12_k5.14.21_150500.55.31-lp155.2.13.1","virtualbox-qt":"7.0.12-lp155.2.13.1","virtualbox-vnc":"7.0.12-lp155.2.13.1","virtualbox-websrv":"7.0.12-lp155.2.13.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"virtualbox-kmp","purl":"pkg:rpm/opensuse/virtualbox-kmp&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.0.12-lp155.2.13.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for virtualbox fixes the following issues:\n\n- Version bump to VirtualBox 7.0.12 (released October 17 2023 by Oracle)\n\n  Fixes the following:\n  - CVE-2023-22098 (boo#1216363)\n  - CVE-2023-22099 (boo#1216364)\n  - CVE-2023-22100 (boo#1216365)\n\nThis is a maintenance release. The following items were fixed and/or added:\n\n- VMM: Fixed using a debugger inside the guest under certain circumstances (bugs #21413 and #21546)\n- VMM: Fixed detection of VT-x being used by other hypervisors (bug #21867)\n- VMM: Introduced additional improvements in Split Lock Detection feature of recent Intel CPUs on Linux hosts (bug #20180)\n- GUI: Fixed issue when the nested hardware virtualization setting was not displayed in the VM details panel (bug #21707)\n- GUI: Introduced NLS update for Croatian, Indonesian, Italian, Japanese, Korean, Dutch and Turkish languages as well as added general look-and-feel improvements\n- Devices: Fixed black screen in Windows guests with multiple guest screens when 3D is disabled (7.0.10 regression)\n- Devices: Fixed PCI device identifiers for the VirtIO network interface (bug #21516)\n- Devices: Fixed VLAN support for the VirtIO network interface (bug #21778)\n- Devices: Fixed loading saved states when a TPM is configured (7.0.10 regression, bug #21773)\n- Networking: Fixed memory leaks in the VBoxIntNetSwitch process on macOS (bug #21752)\n- Networking: Fixed TCP connections with IP addresses ending on .2 when the NAT network attachment is used (bug #21513)\n- VRDP: Added general improvements\n- VBoxManage: Added improvements for 'list usbfilters' command\n- Unattended: Added kick start file support for Oracle Linux 8 and Oracle Linux 9.\n- Main: Added more Linux OS subtypes\n- Host Services: Fixed Guest Properties service crash under rare circumstance\n- Linux Host and Guest: Fixed few 'field-spanning write' kernel warnings (bugs #21410 and #21862)\n- Linux Guest Additions: Added more fixes for RHEL 8.9 and 9.3 kernel\n- Linux Guest Additions: Added more fixes for kernel 6.4\n- Linux Guest Additions: Added initial support for OpenSUSE 15.5 kernel\n- Linux Guest Additions: Added initial support for kernels 6.5 and 6.6\n- Linux Guest Additions: Added version reporting for 'rcvboxadd status-kernel' and 'rcvboxadd status-user' commands\n- BIOS: Restored support for ISA SCSI HBAs in the BIOS (bug #21736)\n\n- Convert to systemd-sysusers\n\n- Fix problems with 6.5 kernels and shared folders. (boo#1215463).\n","id":"openSUSE-SU-2023:0352-1","modified":"2023-11-04T08:59:57Z","published":"2023-11-04T08:59:57Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SUZKE6ZA5IISV77TNIUMUZMZFQSXYHQ7/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215463"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216363"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216364"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216365"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-22098"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-22099"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-22100"}],"related":["CVE-2023-22098","CVE-2023-22099","CVE-2023-22100"],"summary":"Security update for virtualbox","upstream":["CVE-2023-22098","CVE-2023-22099","CVE-2023-22100"]}