Bug 31813 - virtualbox new security issues CVE-2023-2198[7-9], CVE-2023-2199[019], CVE-2023-2200[0-2]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2023-04-19 14:43 CEST by David Walser
Modified: 2023-05-06 20:20 CEST

See Also:
Source RPM: virtualbox-7.0.6-2.mga9.src.rpm
CVE:
Status comment:



Description David Walser 2023-04-19 14:43:26 CEST
Oracle CPU for April 2023 has VirtualBox CVEs:
https://www.oracle.com/security-alerts/cpuapr2023.html#AppendixOVIR

The issues are fixed upstream in 7.0.8:
https://www.virtualbox.org/wiki/Changelog-7.0#v8

Mageia 8 is also affected.
David Walser 2023-04-19 14:43:39 CEST

Status comment: (none) => Fixed upstream in 7.0.8
Whiteboard: (none) => MGA8TOO

Comment 1 Thomas Backlund 2023-04-20 08:47:12 CEST

SRPMS:
virtualbox-7.0.8-1.mga8.src.rpm
kmod-virtualbox-7.0.8-1.mga8.src.rpm



i586:
virtualbox-7.0.8-1.mga8.i586.rpm
virtualbox-guest-additions-7.0.8-1.mga8.i586.rpm



x86_64:
dkms-virtualbox-7.0.8-1.mga8.x86_64.rpm
python-virtualbox-7.0.8-1.mga8.x86_64.rpm
virtualbox-7.0.8-1.mga8.x86_64.rpm
virtualbox-devel-7.0.8-1.mga8.x86_64.rpm
virtualbox-guest-additions-7.0.8-1.mga8.x86_64.rpm
virtualbox-kernel-5.15.106-desktop-2.mga8-7.0.8-1.mga8.x86_64.rpm
virtualbox-kernel-5.15.106-server-2.mga8-7.0.8-1.mga8.x86_64.rpm
virtualbox-kernel-desktop-latest-7.0.8-1.mga8.x86_64.rpm
virtualbox-kernel-server-latest-7.0.8-1.mga8.x86_64.rpm





Backports:

SRPM:
kmod-virtualbox-7.0.8-2.mga8.src.rpm


x86_64:
virtualbox-kernel-6.1.23-desktop-1.mga8-7.0.8-2.mga8.x86_64.rpm
virtualbox-kernel-6.1.23-server-1.mga8-7.0.8-2.mga8.x86_64.rpm
virtualbox-kernel-desktop-latest-7.0.8-2.mga8.x86_64.rpm
virtualbox-kernel-server-latest-7.0.8-2.mga8.x86_64.rpm

Assignee: tmb => qa-bugs
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)

David Walser 2023-04-20 14:56:07 CEST

CC: (none) => tmb
Status comment: Fixed upstream in 7.0.8 => (none)

Comment 2 Thomas Andrews 2023-04-22 04:01:10 CEST
MGA8-64 Plasma. No installation issues. 

Did a quick test with a Windows 7 guest. VirtualBox 7.0.x seems to have reverted to being unable to download the guest additions, so I downloaded them manually and loaded the CD iso into the virtual optical drive. The install went normally until what would be nearly the end. At that point Windows raised an alarm that there was a driver it couldn't verify. I told it to install anyway, and a minute later Windows crashed.

It would not reboot except into safe mode from there. Eventually, I got it to boot into the last known good configuration. From there I installed the guest additions for version 7.0.6, and Windows acted more or less normally again.

The same thing happened in Cauldron.

It is my belief that there is something wrong with the 7.0.8 guest additions CD iso. I realize that because this is about Windows it's not something we are likely to be able to do much about. But, if we send this out with this going on, our users with Windows guests are going to be very, very unhappy.

CC: (none) => andrewsfarm

Comment 3 Thomas Andrews 2023-04-22 19:02:09 CEST
This appears to be a known upstream issue, though the discussion is about Windows XP: https://forums.virtualbox.org/viewtopic.php?t=109135#p534842

Later in the discussion someone posts that the issue is being addressed in test versions of the guest additions:

https://forums.virtualbox.org/viewtopic.php?t=109135#p534859

I don't know what that would mean for us.
Comment 4 William Kenney 2023-04-30 21:28:51 CEST
On real hardware, M8, Plasma, 64-bit

Package(s) under test:
virtualbox

M9 x86_64 Plasma  works just fine as a Vbox client

clear
uname -a
urpmi --test virtualbox
urpmi --test dkms-virtualbox
urpmi --test virtualbox-guest-additions
urpmi --test x11-driver-video-vboxvideo
urpmi --test kernel-desktop-devel-latest
urpmi --test virtualbox-kernel-desktop-latest

Linux localhost 5.15.106-desktop-2.mga8 #1 SMP Thu Apr 6 21:16:15 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Package virtualbox-7.0.6-1.mga8.x86_64 is already installed
Package dkms-virtualbox-7.0.6-1.mga8.x86_64 is already installed
Package virtualbox-guest-additions-7.0.6-1.mga8.x86_64 is already installed
Package x11-driver-video-vboxvideo-1.0.0-6.mga8.x86_64 is already installed
Package kernel-desktop-devel-latest-5.15.106-2.mga8.x86_64 is already installed
Package virtualbox-kernel-desktop-latest-7.0.6-1.8.mga8.x86_64 is already installed


install from updates testing:

clear
urpmi --auto virtualbox
urpmi --auto dkms-virtualbox
urpmi --auto virtualbox-guest-additions
urpmi --auto x11-driver-video-vboxvideo
urpmi --auto kernel-desktop-devel-latest
urpmi --auto virtualbox-kernel-desktop-latest

reboot

clear
uname -a
urpmi --test virtualbox
urpmi --test dkms-virtualbox
urpmi --test virtualbox-guest-additions
urpmi --test x11-driver-video-vboxvideo
urpmi --test kernel-desktop-devel-latest
urpmi --test virtualbox-kernel-desktop-latest

Linux localhost 5.15.106-desktop-2.mga8 #1 SMP Thu Apr 6 21:16:15 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Package virtualbox-7.0.8-1.mga8.x86_64 is already installed
Package dkms-virtualbox-7.0.8-1.mga8.x86_64 is already installed
Package virtualbox-guest-additions-7.0.8-1.mga8.x86_64 is already installed
Package x11-driver-video-vboxvideo-1.0.0-6.mga8.x86_64 is already installed
Package kernel-desktop-devel-latest-5.15.109-1.mga8.x86_64 is already installed
Package virtualbox-kernel-desktop-latest-7.0.8-1.mga8.x86_64 is already installed

checking update:

M9 x86_64 Plasma  works just fine as a Vbox client

CC: (none) => wilcal.int

Comment 5 Thomas Andrews 2023-04-30 22:43:12 CEST
Host system: AMD Phenom II X4, AMD HD 8790 graphics, mga8-64 Plasma.

No installation issues. This system had pre-existing mga8-Plasma, mga8-Gnome, and Windows 7 guests.

As referenced in comment 3, downloading and inserting one of the guest additions iso test builds from https://www.virtualbox.org/wiki/Testbuilds will allow Windows 7 to boot and operate. I happened to use VBoxGuestAdditions_7.0.9-157031.iso.

The Gnome and Plasma guests had not been run in several months, so there were many updates pending. I ran each guest and got those updates, including our 7.0.8 guest additions rpm, then rebooted without issues.

I successfully created a new Mageia 9 Plasma guest from the last Beta2 CI test iso, adding updates at the end of the install, successfully booting, activating the tainted repos, and getting the tainted updates. No issues encountered.
Thomas Backlund 2023-05-06 19:03:20 CEST

Keywords: (none) => advisory, validated_update
Whiteboard: (none) => MGA8-64-OK
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2023-05-06 20:20:38 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0160.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
