Bug 31429 - virtualbox new security issues CVE-2023-2188[469]
Summary: virtualbox new security issues CVE-2023-2188[469]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2023-01-18 19:49 CET by David Walser
Modified: 2023-01-24 09:00 CET

See Also:
Source RPM: virtualbox-7.0.4-1.mga9.src.rpm
CVE:
Status comment:


Description David Walser 2023-01-18 19:49:27 CET
Oracle CPU for January 2023 has VirtualBox CVEs:
https://www.oracle.com/security-alerts/cpujan2023.html#AppendixOVIR

The issues are fixed upstream in 7.0.6:
https://www.virtualbox.org/wiki/Changelog-7.0#v6

Mageia 8 is also affected.

David Walser 2023-01-18 19:50:06 CET

Whiteboard: (none) => MGA8TOO
Status comment: (none) => Fixed upstream in 7.0.6

Comment 1 Thomas Backlund 2023-01-22 22:49:24 CET
SRPMS:
virtualbox-7.0.6-1.mga8.src.rpm
kmod-virtualbox-7.0.6-1.mga8.src.rpm


i586:
virtualbox-7.0.6-1.mga8.i586.rpm
virtualbox-guest-additions-7.0.6-1.mga8.i586.rpm


x86_64:
dkms-virtualbox-7.0.6-1.mga8.x86_64.rpm
python-virtualbox-7.0.6-1.mga8.x86_64.rpm
virtualbox-7.0.6-1.mga8.x86_64.rpm
virtualbox-devel-7.0.6-1.mga8.x86_64.rpm
virtualbox-guest-additions-7.0.6-1.mga8.x86_64.rpm
virtualbox-kernel-5.15.88-desktop-1.mga8-7.0.6-1.mga8.x86_64.rpm
virtualbox-kernel-5.15.88-server-1.mga8-7.0.6-1.mga8.x86_64.rpm
virtualbox-kernel-desktop-latest-7.0.6-1.mga8.x86_64.rpm
virtualbox-kernel-server-latest-7.0.6-1.mga8.x86_64.rpm

backports kmods:

SRPM:
kmod-virtualbox-7.0.6-2.mga8.src.rpm

x86_64:
virtualbox-kernel-6.1.6-desktop-1.mga8-7.0.6-2.mga8.x86_64.rpm
virtualbox-kernel-6.1.6-server-1.mga8-7.0.6-2.mga8.x86_64.rpm
virtualbox-kernel-desktop-latest-7.0.6-2.mga8.x86_64.rpm
virtualbox-kernel-server-latest-7.0.6-2.mga8.x86_64.rpm

Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)
Assignee: tmb => qa-bugs

David Walser 2023-01-22 22:50:39 CET

Status comment: Fixed upstream in 7.0.6 => (none)

Comment 2 Morgan Leijström 2023-01-23 12:53:44 CET
mga8-64 OK for me on kernel 5.15.88-desktop-1.mga8;

Host:
[morgan@svarten ~]$ uname -a
Linux svarten.tribun 5.15.88-desktop-1.mga8 #1 SMP Sat Jan 14 15:00:41 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

[morgan@svarten ~]$ dkms status | grep 5.15.88
nvidia-current, 515.86.01-1.mga8.nonfree, 5.15.88-desktop-1.mga8, x86_64: installed 
virtualbox, 7.0.6-1.mga8, 5.15.88-desktop-1.mga8, x86_64: installed-binary from 5.15.88-desktop-1.mga8

[morgan@svarten ~]$ rpm -qa | grep virtualbox | grep 7.0.6
virtualbox-kernel-desktop-latest-7.0.6-1.mga8
virtualbox-7.0.6-1.mga8
virtualbox-kernel-5.15.88-desktop-1.mga8-7.0.6-1.mga8


Hardware:  My venerable workstation "svarten": Mainboard: Sabertooth P67, CPU: i7-3770, RAM 16G, GM107 [GeForce GTX 750] using nvidia-current; GeForce 635 series and later, 4k display.  Disk&Filesystem: SSD with /boot/EFI and ext4 /boot, LUKS{LVM {swap, ext4 /home & / } and a spinner at /mnt/spinner


Tests OK as VirtualBox Host, all three guests running concurrently:

Guest 1: my usual MSW7pro-64, 
On first boot to desktop it popped up a message new guest additions are needed. A guest window frame dropdown menu provided update, it worked automatically, and I then rebooted guest. tests OK: dynamic guest window resizing, bidirectional clipboard, host shared folders both bidirectional and write protection checked, USB2  memory stick read&write (using upstream extension pack), video playing OK in Firefox, drag file from host Dolphin to guest Explorer. 

Guest 2a and 2b (two instances): BOINC LHC@home ATLAS simulation virtual machine 3CPU.

Guest 3: Mageia 8 -64, Xfce. kernel 6.1.6-desktop-1.mga8.  Updated guest additions to virtualbox-guest-additions-7.0.6-1 (when booting it used 7.0.4), rebooted. Problem: When I came back black screen. *)  Powered it off in VirtualBox, and started it again, no problem now.  Firefox surfing and plays video. drakrpm to update. Plugged in USB flash stick in host, checked it in VirtualBox guest window frame menu to share, the partitions icons popped up on xfce desktop, and I could read and put new files. Bidirectional shared clipboard. Dynamic desktop resizing.

*) after reboot journalctl -b-1 ends with the following so the shutdown was successful, but it did not reboot up at all by itself.  So OK enough, it did not destroy anything...  Some glitch due to changed guest additions?
Jan 23 03:49:13 localhost systemd[1]: Finished Reboot.
Jan 23 03:49:13 localhost systemd[1]: Reached target Reboot.
Jan 23 03:49:13 localhost systemd[1]: Shutting down.
Jan 23 03:49:13 localhost systemd-shutdown[1]: Syncing filesystems and block devices.
Jan 23 03:49:13 localhost systemd-journald[479]: Journal stopped
(I did not watch the screen all time, but a minute later when it should have rebooted it was just black with blinking cursor top left.)
(obviously, system time is off. For later check.)

CC: (none) => fri

Comment 3 Thomas Andrews 2023-01-24 01:51:59 CET
Host: MGA8-64 Plasma, i5-2500, Intel graphics, wired Internet.

No installation issues. Ran a Mageia 8 32-bit Plasma guest, updated it, updated the guest additions, rebooted it, and all seems well.

Ran a Windows 7 guest, used the GUI "Upgrade guest additions" function to download and insert/upgrade the additions. Windows checked for new HP software (none available), updated anti-malware definitions. I told it to shut down, but it had to finish an update first. Typical.

Created a new guest, then tried to boot into the latest round of Cauldron test beta Live i586 Xfce iso. This got as far as a login screen, and that was it - a known bug in the iso. Enabled 3D acceleration, and booted the guest into Live mode. Installed 32-bit Xfce without issues, and rebooted.

Looks good here so far.

CC: (none) => andrewsfarm

Comment 4 Morgan Leijström 2023-01-24 02:34:55 CET
mga8-64 OK for me on backport kernel 6.1.6-desktop-1.mga8;

Same host and guests as in Comment 2

[morgan@svarten ~]$ uname -a
Linux svarten.tribun 6.1.6-desktop-1.mga8 #1 SMP PREEMPT_DYNAMIC Sat Jan 14 13:18:00 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

[morgan@svarten ~]$ dkms status | grep 6.1.6
nvidia-current, 515.86.01-1.mga8.nonfree, 6.1.6-desktop-1.mga8, x86_64: installed 
virtualbox, 7.0.6-1.mga8, 6.1.6-desktop-1.mga8, x86_64: installed-binary from 6.1.6-desktop-1.mga8

Tests OK as VirtualBox Host, all three guests running concurrently:

Guest 1: my usual MSW7pro-64, 
Tests OK: dynamic guest window resizing, bidirectional clipboard, host shared folders both bidirectional and write protection checked, USB2  memory stick read&write (using upstream extension pack), video playing OK in Firefox, drag file from host Dolphin to guest Explorer. 

Guest 2a and 2b (two instances): BOINC LHC@home ATLAS simulation virtual machine 3CPU.

Guest 3: Mageia 8 -64, Xfce. kernel 6.1.6-desktop-1.mga8. Firefox surfing and plays video. drakrpm to update. Plugged in USB flash stick in host, checked it in VirtualBox guest window frame menu to share, the partitions icons popped up on xfce desktop, and I could read and put new files. Bidirectional shared clipboard. Dynamic desktop resizing.

Comment 5 Dave Hodgins 2023-01-24 03:17:43 CET
No regressions noticed in my testing on x86_64 host with x86_64 and i586 guests.
Advisory committed to svn. Validating the update.

Whiteboard: (none) => MGA8-64-OK
Keywords: (none) => advisory, validated_update
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 6 Mageia Robot 2023-01-24 09:00:53 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0024.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

