CVE-2026-21984
HIGH 7.5Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
Affected Applications in Environment
140
avahi
v0.7-27.el8_10.1
2 devices
avahi
v0.8-22.el9_6.1
1 device
binutils
v2.30-127.0.1.el8_10
1 device
binutils
v2.30-128.0.1.el8_10
3 devices
binutils
v2.30-125.0.1.el8_10
2 devices
binutils
v2.35.2-63.0.1.el9
1 device
bolt
v0.9.1-1.el8
2 devices
bolt
v0.9.7-1.el9
1 device
c-ares
v1.13.0-11.el8_10
3 devices
c-ares
v1.19.1-2.el9_4
1 device
capstone
v4.0.2-10.el9
1 device
cockpit
v310.5-1.0.1.el8_10
1 device
cockpit
v310.4-1.0.2.el8_10
1 device
cockpit
v334.2-1.0.1.el9_6
1 device
crun
v1.23.1-2.el9_6
1 device
crun
v1.14.3-2.module+el8.10.0+90704+e5ea1250
1 device
cups
v1:2.2.6-66.el8_10
1 device
cups
v1:2.2.6-63.el8_10
1 device
cups
v1:2.2.6-62.el8_10
1 device
cups
v1:2.3.3op2-33.el9_6.1
1 device
cups-filters
v1.20.0-36.0.1.el8_10
2 devices
cups-filters
v1.20.0-35.0.1.el8_10
1 device
cups-filters
v1.28.7-20.0.1.el9
1 device
curl
v7.61.1-34.el8_10.9
3 devices
curl
v7.76.1-31.el9_6.1
1 device
curl
v7.61.1-34.el8_10.3
2 devices
curl
v7.61.1-34.el8_10.8
1 device
exiv2
v0.27.5-2.el8
1 device
exiv2
v0.27.5-2.el9
1 device
firefox
v140.3.0-1.0.1.el9_6
1 device
firefox
v128.8.0-1.0.1.el8_10
1 device
fontconfig
v2.13.1-4.el8
6 devices
fontconfig
v2.14.0-2.el9_1
1 device
fuse
v2.9.7-19.0.1.el8
6 devices
fuse
v2.9.9-17.el9
1 device
ghostscript
v9.54.0-19.el9_6
1 device
ghostscript
v9.27-15.el8_10
1 device
ghostscript
v9.27-17.el8_10
2 devices
giflib
v5.2.1-9.el9
1 device
giflib
v5.1.4-3.el8
1 device
git
v2.43.7-1.el8_10
1 device
glibc
v2.28-251.0.3.el8_10.27
3 devices
glibc
v2.28-251.0.2.el8_10.13
1 device
glibc
v2.28-251.0.3.el8_10.25
2 devices
glibc
v2.34-168.0.1.el9_6.23
1 device
gnutls
v3.6.16-8.el8_10.3
1 device
gnutls
v3.6.16-8.el8_10.4
4 devices
gnutls
v3.8.3-6.el9_6.2
1 device
gnutls
v3.6.16-8.el8_9.3
1 device
harfbuzz
v1.7.5-4.el8
3 devices
harfbuzz
v2.7.4-10.el9
1 device
iputils
v20180629-11.el8
6 devices
iputils
v20210202-11.0.1.el9_6.3
1 device
jose
v10-2.el8_10.3
2 devices
jose
v14-1.el9
1 device
jq
v1.6-17.el9_6.2
1 device
jq
v1.6-9.el8_10
1 device
jq
v1.6-11.el8_10
1 device
libarchive
v3.3.3-6.el8_10
5 devices
libarchive
v3.5.3-6.el9_6
1 device
libarchive
v3.3.3-5.el8
1 device
libbpf
v2:0.6.0-6.el8
1 device
libbpf
v0.5.0-1.el8
5 devices
libbpf
v2:1.5.0-2.0.2.el9
1 device
libpng
v2:1.6.34-5.el8
3 devices
libpng
v2:1.6.34-9.el8_10
3 devices
libpng
v2:1.6.37-12.el9
1 device
libsndfile
v1.0.28-16.el8_10
1 device
libsndfile
v1.0.31-9.el9
1 device
libsoup
v2.72.0-10.el9_6.2
1 device
libsoup
v2.62.3-7.el8_10
1 device
libsoup
v2.62.3-10.el8_10
1 device
libsoup
v2.62.3-11.el8_10
1 device
libssh
v0.9.6-16.el8_10
3 devices
libssh
v0.9.6-15.el8_10
1 device
libssh
v0.10.4-13.el9
1 device
libssh
v0.9.6-14.el8
2 devices
libtasn1
v4.13-5.el8_10
5 devices
libtasn1
v4.16.0-9.el9
1 device
libtasn1
v4.13-4.el8_7
1 device
libtiff
v4.0.9-36.el8_10
2 devices
libtiff
v4.4.0-13.el9
1 device
libtiff
v4.0.9-33.el8_10
1 device
libtpms
v0.9.1-2.20211126git1ff6fe1f43.module+el8.9.0+90052+d3bf71d8
1 device
libtpms
v0.9.1-5.20211126git1ff6fe1f43.el9_6
1 device
libvncserver
v0.9.11-17.el8
1 device
libxml2
v2.9.13-12.el9_6
1 device
libxml2
v2.9.7-18.el8_10.2
1 device
libxml2
v2.9.7-21.el8_10.3
5 devices
libxslt
v1.1.32-6.0.1.el8
1 device
libxslt
v1.1.32-6.3.0.1.el8_10
5 devices
libxslt
v1.1.34-13.0.1.el9_6
1 device
nbdkit
v1.38.5-5.el9_6
1 device
ncurses
v6.1-10.20180224.el8
6 devices
ncurses
v6.2-10.20210508.el9_6.2
1 device
nfs-utils
v1:2.3.3-64.0.1.el8_10
4 devices
nfs-utils
v1:2.3.3-59.0.1.el8
1 device
nfs-utils
v1:2.5.4-34.0.1.el9
1 device
openssh
v8.0p1-25.0.1.el8_10
2 devices
openssh
v8.7p1-45.0.2.el9
1 device
openssh
v8.0p1-26.0.1.el8_10
1 device
openssh
v8.0p1-27.0.1.el8_10
3 devices
openssl
v1:1.1.1k-14.el8_6
3 devices
openssl
v1:1.1.1k-14.el8_10
3 devices
openssl
v1:3.2.2-6.0.1.el9_5.1
1 device
orc
v0.4.31-8.el9
1 device
orc
v0.4.28-4.el8_10
1 device
patch
v2.7.6-11.el8
3 devices
pcre2
v10.32-3.el8_6
6 devices
pcre2
v10.40-6.0.1.el9
1 device
perl
v4:5.26.3-423.el8_10
2 devices
poppler
v21.01.0-21.el9
1 device
poppler
v20.11.0-12.el8_10
2 devices
poppler
v20.11.0-13.el8_10
1 device
postgresql
v10.23-4.0.1.module+el8.9.0+90164+87901204
1 device
runc
v4:1.2.4-2.el9
1 device
runc
v1:1.1.12-6.module+el8.10.0+90509+b5e1e789
1 device
runc
v4:1.2.5-2.module+el8.10.0+90704+e5ea1250
1 device
sqlite
v3.26.0-20.el8_10
5 devices
sqlite
v3.26.0-19.0.1.el8_9
1 device
sqlite
v3.34.1-8.el9_6
1 device
sudo
v1.9.5p2-10.el9_6.2
1 device
sudo
v1.9.5p2-1.0.1.el8_9
1 device
sudo
v1.9.5p2-1.0.1.el8_10.3
3 devices
sudo
v1.9.5p2-1.0.1.el8_10.2
2 devices
systemd
v239-82.0.8.el8_10.13
2 devices
systemd
v239-82.0.3.el8_10.3
1 device
systemd
v252-51.0.4.el9_6.2
1 device
systemd
v239-82.0.6.el8_10.8
1 device
systemd
v239-82.0.5.el8_10.5
1 device
systemd
v239-82.0.8.el8_10.8
1 device
taglib
v1.12-6.el9
1 device
taglib
v1.11.1-8.el8
1 device
tar
v2:1.30-11.el8_10
5 devices
tar
v2:1.30-9.el8
1 device
tar
v2:1.34-7.el9
1 device
time
v1.9-3.el8
3 devices
time
v1.9-18.el9
1 device
zlib
v1.2.11-25.el8
6 devices
zlib
v1.2.11-40.el9
1 device