CVE-2016-5611

NameCVE-2016-5611
DescriptionUnspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
NVD severitylow (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
virtualbox (PTS)jessie/contrib (security), jessie/contrib4.3.36-dfsg-1+deb8u1vulnerable
buster/contrib5.2.0-dfsg-5fixed
sid/contrib5.2.2-dfsg-1fixed
wheezy, wheezy (security)4.1.42-dfsg-1+deb7u1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
virtualboxsource(unstable)5.1.8-dfsg-1low
virtualboxsourcejessie(unfixed)end-of-life
virtualboxsourcewheezy(unfixed)end-of-life

Notes

[jessie] - virtualbox <end-of-life> (DSA-3699-1)
[wheezy] - virtualbox <end-of-life> (DSA 3454)

Search for package or bug name: Reporting problems