VirtualBox 6.0.6 arrives fixing serious security flaws

Darkcrizt

4 minutes

VirtualBox 6.0.6

Some days ago Oracle generated corrective versions of its VirtualBox visualization system, with whichl released VirtualBox version 6.0.6 and 5.2.28, versions in which 39 bug fixes have been observed.

The new versions too fixed 12 vulnerabilities, of which 7 have a critical degree of danger (CVSS Score 8.8). Details are not reported, but judging by CVSS level, issues demonstrated in the Pwn2Own 2019 competition have been removed, allowing the host system to execute code from the guest system environment.

Important changes in VirtualBox version 6.0.6

With this new release of VirtualBox 6.0.6 support for Linux kernels 4.4.169, 5.0 and 5.1 has been added for Linux hosts and guests (a long-awaited feature).

Also also deployments received with the build drivers for booting in safe boot mode which improves the performance and reliability of joint directories (shared folder).

Along with some minor changes to the user interface. The display of the snapshot deletion progress has been adjusted. Fixed issues when copying files and displaying the progress of copy operations in the built-in file manager.

On the other hand initial support for QCOW3 format in read-only mode was added along with the numerous fixes related to the VMSVGA emulated graphics device.

Improved VMSVGA compatibility with older X servers. It is possible to use VMSVGA when working with the EFI firmware interface.

As for the bug fixes that we can find, the following stand out:

  • Resolving issues with missing cursor, if no plugins for mouse support integration were installed Resolved issues remembering guest screen size and using RDP.
  • Resolved issues loading saved state for LsiLogic devices and with integrated virtualization on systems with AMD processors.
  • Fixed errors that appear during the automated installation of Ubuntu on guest systems as well as the correction of errors when reading some QCOW2 images.
  • Fixed a bug that led to duplication of shared directories (shared folder) after restoring a virtual machine from a saved state.
    Fixed issues when copying files between host and guest in Drag and Drop mode.
    The crash when using VboxManage was also fixed.
  • A bug that caused a crash in the event of attempts to start a virtual machine after a crash was fixed.

How to install VirtualBox 6.0.6?

VirtualBox

For those who are interested in being able to install this new version of VirtualBox, they can do so by following the instructions that we share below.

Debian, Ubuntu and derivatives users proceed to install the new version, we continue in the terminal and execute the following commands:

First we must add the repository to our sources.list

sudo sh -c 'echo "deb http://download.virtualbox.org/virtualbox/debian $(lsb_release -sc) contrib" >> /etc/apt/sources.list.d/virtualbox.list'

Now we proceed to import the public key:

wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -

sudo apt-get -y install gcc make linux-headers-$(uname -r) dkms

Then we go update our list of repositories:

sudo apt-get update

And finally we proceed to install the application to our system:

sudo apt-get install virtualbox-6.0

While for those who are Fedora, RHEL, CentOS users, we must do the following, which is to download the package with:

wget https://download.virtualbox.org/virtualbox/6.0.6/VirtualBox-6.0-6.0.6_130049_fedora29-1.x86_64.rpm
wget https://www.virtualbox.org/download/oracle_vbox.asc

In the case of OpenSUSE 15 the package for your system is this:

https://download.virtualbox.org/virtualbox/6.0.6/VirtualBox-6.0-6.0.6_130049_openSUSE150-1.x86_64.rpmwget

After that we type:

sudo rpm --import oracle_vbox.asc

And we install with:

sudo rpm -i VirtualBox-6.0-6.0.6_*.rpm

Now to verify that the installation was done:

VBoxManage -v

In the case of Arch Linux, you can install from AUR, even though some services are required for Systemd, so it is recommended that you use the Wiki in order to install.

As an additional step we can improve the functioning of VirtualBox With the help of a package, this package enables VRDP (Virtual Remote Desktop Protocol), solves the problem with the small resolution that VirtualBox runs, and many other improvements.

To install it, run the following commands:

curl https://download.virtualbox.org/virtualbox/6.0.6/Oracle_VM_VirtualBox_Extension_Pack-6.0.6-130049.vbox-extpack

sudo VBoxManage extpack install Oracle_VM_VirtualBox_Extension_Pack-6.0.6-130049.vbox-extpack

We accept the terms and conditions and install the package.

To verify that it was installed correctly:

VBoxManage list extpacks


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   macarena said
    ago 5 years

    Thanks for the help with its installation, at first it gave me problems, but now solved thanks for the contribution, greetings.

    Reply to macarena