{"id":"MGASA-2026-0109","summary":"Updated virtualbox packages fix security vulnerabilities","details":"Some security vulnerabilities are fixed by this update; please see the\nlinks.\nIf you will not update to kernel 6.6.137 flavors, please think in use\ndkms-virtualbox package instead of virtualbox-kernel as those packages\nhave not been updated for previous kernels.\n","modified":"2026-05-06T17:00:07.395543Z","published":"2026-05-06T16:52:07Z","upstream":["CVE-2026-35230","CVE-2026-35242","CVE-2026-35245","CVE-2026-35246","CVE-2026-35247","CVE-2026-35248","CVE-2026-35249","CVE-2026-35250","CVE-2026-35251"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2026-0109.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=35425"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuapr2026.html#AppendixOVIR"}],"affected":[{"package":{"name":"virtualbox","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/virtualbox?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.1.18-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0109.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}