Candidate: CVE-2019-2926
PublicDate: 2019-10-16 18:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2926
 http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Description:
 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization
 (component: Core). Supported versions that are affected are Prior to 5.2.34
 and prior to 6.0.14. Easily exploitable vulnerability allows high
 privileged attacker with logon to the infrastructure where Oracle VM
 VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks
 of this vulnerability can result in unauthorized ability to cause a partial
 denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base
 Score 2.3 (Availability impacts). CVSS Vector:
 (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L [2.3 LOW]


Patches_virtualbox:
upstream_virtualbox: needs-triage
precise/esm_virtualbox: DNE
trusty_virtualbox: ignored (out of standard support)
trusty/esm_virtualbox: DNE
xenial_virtualbox: ignored (end of standard support, was needs-triage)
bionic_virtualbox: needs-triage
disco_virtualbox: ignored (reached end-of-life)
eoan_virtualbox: not-affected (6.0.14-dfsg-1)
focal_virtualbox: not-affected (6.0.14-dfsg-1)
groovy_virtualbox: not-affected (6.0.14-dfsg-1)
hirsute_virtualbox: not-affected (6.0.14-dfsg-1)
impish_virtualbox: not-affected (6.0.14-dfsg-1)
jammy_virtualbox: not-affected (6.0.14-dfsg-1)
devel_virtualbox: not-affected (6.0.14-dfsg-1)