Test ID:	1.3.6.1.4.1.25623.1.1.10.2025.0002
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2025-0002)
Summary:	The remote host is missing an update for the 'kmod-virtualbox, virtualbox' package(s) announced via the MGASA-2025-0002 advisory.
Description:	Summary: The remote host is missing an update for the 'kmod-virtualbox, virtualbox' package(s) announced via the MGASA-2025-0002 advisory. Vulnerability Insight: Vulnerabilities were found in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are prior to 7.0.22 and prior to 7.1.2. A difficult to exploit vulnerability allows a high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise an Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VirtualBox VMs. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H). Affected Software/OS: 'kmod-virtualbox, virtualbox' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 5.9 CVSS Vector: AV:L/AC:H/Au:M/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-21248 Common Vulnerability Exposure (CVE) ID: CVE-2024-21253 Common Vulnerability Exposure (CVE) ID: CVE-2024-21259 Common Vulnerability Exposure (CVE) ID: CVE-2024-21263 Common Vulnerability Exposure (CVE) ID: CVE-2024-21273
Copyright	Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.