Oracle has published a corrective release of the virtualization system , in which it is noted . Corrective releases of VirtualBox 6.0.20 and 5.2.40 were also released at the same time. Fixed in updates , of which 7 problems have a critical severity level (CVSS is greater than 8). Including fixed vulnerabilities used in attacks demonstrated at the competition and allowing through manipulations on the side of the guest system to gain access to the host system and execute code with the rights of the hypervisor.
Non-security changes in release 6.1.6:
- Kernel support has been added to host environment components and guest additions. Linux 5.6;
- Improved support for 2D and 3D acceleration and rendering;
- Improvements have been made to the user interface and visual elements have been updated;
- Resolved issues with screen resizing and handling of multi-monitor configurations in X11 guests
and virtual graphics adapter VMSVGA; - Improved stability and performance of the USB subsystem;
- Improved error handling in the serial port driver and fixed a hang that occurs when the host system port disappears;
- Fixed fixes in VBoxManage related to guestcontrol operations;
- An issue with exception handling in bindings for the Python language has been fixed in the API;
- Fixed bugs in the implementation of the clipboard sharing subsystem and added support for HTML data.
Source: opennet.ru
