CVE-2016-0495

Publication date 21 January 2016

Last updated 24 July 2024

Ubuntu priority

Description

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
virtualbox	17.04 zesty	Not affected
	16.10 yakkety	Not affected
	16.04 LTS xenial	Not affected
	15.10 wily	Fixed 5.0.14-dfsg-0ubuntu1.15.10.1
	15.04 vivid	Fixed 4.3.36-dfsg-1+deb8u1ubuntu1.15.04.1
	14.04 LTS trusty	Fixed 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1
	12.04 LTS precise	Ignored end of life

How can I get the fixes?
What do statuses mean?

Notes

tyhicks

“VirtualBox prior to 4.3.36, prior to 5.0.14”

sbeattie

likely not-affected for precise, not listed in matrix for this CVE

References

MITRE
NVD
Launchpad
Debian

Other references

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
https://www.cve.org/CVERecord?id=CVE-2016-0495