Bug 33408 - virtualbox new security issues CVE-2024-21141 and CVE-2024-2116[14]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2024-07-17 14:19 CEST by Nicolas Salguero
Modified: 2024-07-29 20:28 CEST

See Also:
Source RPM: virtualbox-7.0.20-1.mga9, kmod-virtualbox-7.0.20-51.mga9
CVE: CVE-2024-21141, CVE-2024-21161, CVE-2024-21164
Status comment: Fixed upstream in 7.0.20


Description Nicolas Salguero 2024-07-17 14:19:58 CEST
Those CVEs were announced here:
https://www.oracle.com/security-alerts/cpujul2024.html#AppendixOVIR

They are fixed in 7.0.20:
https://www.virtualbox.org/wiki/Changelog-7.0#v20

Mageia 9 is also affected.
Nicolas Salguero 2024-07-17 14:21:54 CEST

Severity: normal => major
Status comment: (none) => Fixed upstream in 7.0.20
Whiteboard: (none) => MGA9TOO
Source RPM: (none) => virtualbox-7.0.18-1.mga9.src.rpm
CVE: (none) => CVE-2024-21141, CVE-2024-21161, CVE-2024-21164

Comment 1 Lewis Smith 2024-07-17 20:23:38 CEST
VB updates go with kernel; assigning thus.

Assignee: bugsquad => kernel

Morgan Leijström 2024-07-19 01:15:21 CEST

Blocks: (none) => 33400

Comment 2 Morgan Leijström 2024-07-23 11:47:04 CEST
I see 7.0.20 built, pushed by Giuseppe. Ready for QA?

CC: (none) => fri

Giuseppe Ghibò 2024-07-23 16:16:20 CEST

CC: (none) => ghibomgx
Source RPM: virtualbox-7.0.18-1.mga9.src.rpm => virtualbox-7.0.20-1.mga9, kmod-virtualbox-7.0.20-51.mga9

Comment 3 Giuseppe Ghibò 2024-07-23 16:18:59 CEST
(In reply to Morgan Leijström from comment #2)

> I see 7.0.20 built, pushed by Giuseppe. Ready for QA?

Yes. I updated the files in Source RPM field for retrieving the correct files list.
Comment 4 Morgan Leijström 2024-07-23 16:27:27 CEST
Then we assign QA :)

Assignee: kernel => qa-bugs

Comment 5 Morgan Leijström 2024-07-23 18:41:12 CEST
OK here 

Running on kernel 6.6.37-desktop-1
Ran tests with both dkms built kmod only, and with virtualbox-kernel package.

Also testing/using nvidia-current-550.100 from nonfree testing,
and mesa-24.1.4-1 from core updates testing.

TEST Running MSW 7 64 bit guest: 
On first launch it detected it needed new guest addition - I let it download & update.
Windows update found security updates, I let it update, and rebooted.
Tested dynamic window resizing, USB 2 flash disk, host folder sharing write protected and not, bidirectional clipboard, drag file from Dolphin to Explorer, Internet video in Firefox.

As expected the upstream USB regression of VB > 7.0.14 is still here:
Bug 33400 - VirtualBox 7.0.18 regression: some USB devices fail, guest hang


$ inxi -SMCG
System:
  Host: svarten.tribun Kernel: 6.6.37-desktop-1.mga9 arch: x86_64 bits: 64
    Desktop: KDE Plasma v: 5.27.10 Distro: Mageia 9
Machine:
  Type: Desktop Mobo: ASRock model: P55 Pro serial: <superuser required>
    BIOS: American Megatrends v: P2.60 date: 08/20/2010
CPU:
  Info: dual core model: Intel Core i7 870 bits: 64 type: MT MCP cache:
    L2: 512 KiB
  Speed (MHz): avg: 1205 min/max: 1200/2934 cores: 1: 1205 2: 1205 3: 1205
    4: 1205
Graphics:
  Device-1: NVIDIA GM107 [GeForce GTX 750] driver: nvidia v: 550.100
  Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X:
    loaded: nvidia,v4l gpu: nvidia,nvidia-nvswitch resolution: 3840x2160~60Hz
  API: OpenGL v: 4.6.0 NVIDIA 550.100 renderer: NVIDIA GeForce GTX
    750/PCIe/SSE2
Morgan Leijström 2024-07-23 18:42:39 CEST

Blocks: 33400 => (none)

Comment 6 katnatek 2024-07-24 03:12:10 CEST
List of packages

i586:
virtualbox-7.0.20-1.mga9.i586.rpm
virtualbox-guest-additions-7.0.20-1.mga9.i586.rpm

x86_64:
dkms-virtualbox-7.0.20-1.mga9.x86_64.rpm
python-virtualbox-7.0.20-1.mga9.x86_64.rpm
virtualbox-7.0.20-1.mga9.x86_64.rpm
virtualbox-devel-7.0.20-1.mga9.x86_64.rpm
virtualbox-guest-additions-7.0.20-1.mga9.x86_64.rpm
virtualbox-kernel-6.6.37-desktop-1.mga9-7.0.20-51.mga9.x86_64.rpm
virtualbox-kernel-6.6.37-server-1.mga9-7.0.20-51.mga9.x86_64.rpm
virtualbox-kernel-desktop-latest-7.0.20-51.mga9.x86_64.rpm
virtualbox-kernel-server-latest-7.0.20-51.mga9.x86_64.rpm

SRPM:
kmod-virtualbox-7.0.20-51.mga9.src.rpm
virtualbox-7.0.20-1.mga9.src.rpm

I hope the list is accurate, but I can't check at this moment with the new madb, and the current madb omits some packages
Comment 7 Morgan Leijström 2024-07-24 10:32:21 CEST
Got successfully built in Cauldron.

Whiteboard: MGA9TOO => (none)
Version: Cauldron => 9

Comment 8 Thomas Andrews 2024-07-26 04:20:56 CEST
MGA9-64 Plasma, HP Pavilion, AMD A8-4555, HD 7600G graphics.

No installation issues. I've only checked my Win7 guest so far, and as usual, I had to download the guest additions and "mount" them in the guest's optical drive manually. But the additions installed correctly, and after the obligatory reboot, the guest is functioning as normally as Windows 7 ever does.

CC: (none) => andrewsfarm

Comment 9 Morgan Leijström 2024-07-26 19:00:44 CEST
Test OK also using kernel desktop 6.6.42-1, same system as in Comment 5
katnatek 2024-07-26 19:57:31 CEST

Keywords: (none) => advisory

Comment 10 Morgan Leijström 2024-07-27 15:33:50 CEST
Brian, can you give this a run too?

This needs to go out so that VB kmods for the new kernel can be built to test.

CC: (none) => brtians1

Comment 11 Brian Rockwell 2024-07-27 21:41:04 CEST
Hi Morgan - Will do.
Comment 12 Brian Rockwell 2024-07-28 05:15:22 CEST
MGA9-64, AMD Ryzen 5 2600, Nvidia 1650 super, GNOME, virtualbox host

upgraded

--- rebooted and downloaded the Extensions

- VirtualBox Graphical User Interface Version 7.0.20_Mageia r163906

- VM's are working on Vbox (64/Xfce)
- new VM working (i586/mate)
- used remote desktop to access, that works
Comment 13 Brian Rockwell 2024-07-28 05:51:56 CEST
MGA9-64, Plasma, VirtualBox, Ryzen 5600

The following 4 packages are going to be installed:

- dkms-virtualbox-7.0.20-1.mga9.x86_64
- virtualbox-7.0.20-1.mga9.x86_64
- virtualbox-kernel-6.6.37-desktop-1.mga9-7.0.20-51.mga9.x86_64
- virtualbox-kernel-desktop-latest-7.0.20-51.mga9.x86_64


-- rebooted

$ uname -a
Linux localhost.localdomain 6.6.37-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sat Jul  6 01:42:12 UTC 2024 x86_64 GNU/Linux


Virtualbox showing correct version

- installed VBox extensions - worked
- tested several different VM's - working

No issues to report
Comment 14 Morgan Leijström 2024-07-28 17:46:56 CEST
Thank you 

This is about as much as we usually test it.

Keywords: (none) => validated_update
Whiteboard: (none) => MGA9-64-OK
CC: (none) => sysadmin-bugs

Comment 15 Mageia Robot 2024-07-29 20:28:29 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0275.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

