CVE-2023-21889 Common Vulnerabilities and Exposures | SUSE

Upstream information

CVE-2023-21889 at MITRE

Description

Upstream Security Advisories:

https://www.zerodayinitiative.com/advisories/ZDI-23-119/

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v3 Scores
CVSS detail	National Vulnerability Database
Base Score	3.8
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Attack Vector	Local
Attack Complexity	Low
Privileges Required	Low
User Interaction	None
Scope	Changed
Confidentiality Impact	Low
Integrity Impact	None
Availability Impact	None
CVSSv3 Version	3.1

SUSE Bugzilla entry: 1207285 [RESOLVED / FIXED]

SUSE Security Advisories:

openSUSE-SU-2023:0033-1, published Sun Jan 29 10:43:02 2023

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Leap 15.4	`python3-virtualbox >= 7.0.6-lp154.2.26.2` `virtualbox >= 7.0.6-lp154.2.26.2` `virtualbox-devel >= 7.0.6-lp154.2.26.2` `virtualbox-guest-desktop-icons >= 7.0.6-lp154.2.26.2` `virtualbox-guest-source >= 7.0.6-lp154.2.26.2` `virtualbox-guest-tools >= 7.0.6-lp154.2.26.2` `virtualbox-host-source >= 7.0.6-lp154.2.26.2` `virtualbox-kmp-default >= 7.0.6_k5.14.21_150400.24.41-lp154.2.26.2` `virtualbox-qt >= 7.0.6-lp154.2.26.2` `virtualbox-vnc >= 7.0.6-lp154.2.26.2` `virtualbox-websrv >= 7.0.6-lp154.2.26.2`	Patchnames: openSUSE-2023-33
openSUSE Tumbleweed	`python3-virtualbox >= 7.0.6-1.1` `virtualbox >= 7.0.6-1.1` `virtualbox-devel >= 7.0.6-1.1` `virtualbox-guest-desktop-icons >= 7.0.6-1.1` `virtualbox-guest-source >= 7.0.6-1.1` `virtualbox-guest-tools >= 7.0.6-1.1` `virtualbox-host-source >= 7.0.6-1.1` `virtualbox-qt >= 7.0.6-1.1` `virtualbox-vnc >= 7.0.6-1.1` `virtualbox-websrv >= 7.0.6-1.1`	Patchnames: openSUSE-Tumbleweed-2024-12640

SUSE Timeline for this CVE

CVE page created: Thu Jan 19 13:00:17 2023
CVE page last modified: Mon Oct 6 19:45:35 2025