Debian Security Advisory DSA 2594-1 (virtualbox-ose - Programming Error) Network Vulnerability

Summary

halfdog discovered that incorrect interrupt handling in VirtualBox, a x86 virtualization solution, can lead to denial of service.

Solution

For the stable distribution (squeeze), this problem has been fixed in version 3.2.10-dfsg-1+squeeze1. For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 4.1.18-dfsg-1.1 of the virtualbox source package. We recommend that you upgrade your virtualbox-ose packages.

Insight

VirtualBox is a free x86 virtualization solution allowing a wide range of x86 operating systems such as Windows, DOS, BSD or Linux to run on a Linux system.

Affected

virtualbox-ose on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2012/dsa-2594.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3221

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 286-1 (gs-common)
Debian Security Advisory DSA 2878-1 (virtualbox - security update)
Debian Security Advisory DSA 1255-1 (libgtop2)
Debian Security Advisory DSA 2309-1 (openssl)
Debian Security Advisory DSA 1170-1 (gcc-3.4)

Debian Security Advisory DSA 2594-1 (virtualbox-ose - programming error)

Take action and discover your vulnerabilities