Advisories ยป MGASA-2017-0390

Updated virtualbox packages fix security vulnerabilities

Publication date: 27 Oct 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-2730 , CVE-2017-3731 , CVE-2017-3732 , CVE-2017-3733 , CVE-2017-10392 , CVE-2017-10407 , CVE-2017-10408 , CVE-2017-10428

Description

This update provides the virtualbox 5.1.30 maintenance release, fixing
security and other issues:

In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad
parameters for a DHE or ECDHE key exchange then this can result in
the client attempting to dereference a NULL pointer leading to a
client crash. This could be exploited in a Denial of Service attack
(CVE-2017-3730).

OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds
read when using a specific cipher. By sending specially crafted truncated
packets, a remote attacker could exploit this vulnerability using
CHACHA20/POLY1305 to cause the application to crash (CVE-2017-3731).

OpenSSL could allow a remote attacker to obtain sensitive information,
caused by a propagation error in the BN_mod_exp() function. An attacker
could exploit this vulnerability to obtain information about the private
key (CVE-2017-3732).

During a renegotiation handshake if the Encrypt-Then-Mac extension is
negotiated where it was not in the original handshake (or vice-versa)
then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on
ciphersuite). Both clients and servers are affected (CVE-2017-3733)

A local user can exploit a flaw in the Oracle VM VirtualBox Core component
to partially access data, partially modify data, and deny service
(CVE-2017-10392, CVE-2017-10407, CVE-2017-10408).

A local user can exploit a flaw in the Oracle VM VirtualBox Core component
to partially access data, partially modify data, and partially deny service
(CVE-2017-10428).

For other fixes in this update see the referenced changelog.
                

References

SRPMS

6/core

5/core