Install Newer Versions of VirtualBox
This wiki page documents how to install different versions of VirtualBox from sources other than the default repositories, such as Debian unstable or directly from the developers of VirtualBox.
If using Kicksecure™ inside a virtual machine (VM), the virtualization platform is an essential component of a secure Kicksecure™ system. A vulnerable virtualizer may provide opportunities for attackers to perform a breakout from a virtual machine in order to undo the security by isolation features that Kicksecure™ provides. The decision to install an alternative virtualizer should not be taken lightly.
The two methods described below to install VirtualBox are safer than downloading, verifying, and installing binaries manually.
See also recommended VirtualBox version.
Newer VirtualBox Version
Install VirtualBox from Debian Unstable
Install from VirtualBox.org Repository
The latest Oracle VirtualBox package information can be found here.
Optional: To find out which version is available from the VirtualBox.org APT Repository, please press expand on the right side.
The user could investigate the following links:
- useful to start investigation at the "base link": https://download.virtualbox.org/virtualbox/debian
- other more specific "hot links" at time of writing:
1. Adding the VirtualBox.org APT repository.
Choose either: A OR B.
A: Use extrepo to add VirtualBox.org APT Repository
extrepo. To accomplish that, the following steps A. to D. need to be done.
A. Update the package lists.
sudo apt update
B. Upgrade the system.
sudo apt full-upgrade
C. Install the
sudo apt install --no-install-recommends extrepo
The procedure of installing
extrepo is complete.
Step 2 Open file
/etc/extrepo/config.yaml in an editor with root rights.
Kicksecure™ for Qubes
NOTE: When using Kicksecure-Qubes, this needs to be done inside the Template.
Others and Alternatives
- This is just an example. Other tools could achieve the same goal.
- If this example does not work for you or if you are not using Kicksecure, please refer to this link.
Step 3 Paste at the end.
- contrib - non-free
Step 4 Save and exit.
Step 5 Use extrepo to enable the VirtualBox.org APT repository.
sudo extrepo enable virtualbox
If everything goes well, extrepo will just print some empty lines.
Step 6 Done.
Adding the VirtualBox.org APT repository has been completed.
B: Manually add VirtualBox.org APT Repository
Step A Add the Oracle apt sources list.
Make sure to change
bookworm to the current name of your stable distribution.
echo "deb [signed-by=/usr/share/keyrings/virtualbox-archive-keyring.asc] https://download.virtualbox.org/virtualbox/debian $(lsb_release -sc) contrib" | sudo tee /etc/apt/sources.list.d/virtualbox.list
Step B Add Oracle's signing key to APT keyring.
Step 1 Securely download the key.
curl --tlsv1.3 --remote-name --tlsv1.2 https://www.virtualbox.org/download/oracle_vbox_2016.asc
Step 2 Display the key's fingerprint.
gpg --keyid-format long --import --import-options show-only --with-fingerprint oracle_vbox_2016.asc
Step 3 Verify the fingerprint.
The most important check is confirming the key fingerprint exactly matches the output below.
Step 4 Add the signing key.
sudo cp oracle_vbox_2016.asc /usr/share/keyrings/virtualbox-archive-keyring.asc
Step 5 Done.
The key has been added to the keyring.
2. Update and Install VirtualBox.
A. Update the package lists.
sudo apt update
B. Install VirtualBox and Linux Kernel Headers, which are a dependency.
sudo apt install virtualbox-7.0 linux-headers-$(uname -r)
C. Update VirtualBox guest additions.
Note: After upgrading the VirtualBox host version, this might cause issues with the guest VMs such as broken VM size adjustment (full screen)  unless the VirtualBox guest additions are also upgraded inside your virtual machine.
This is currently not the case at time of writing in August 2023. If this happens, then you could try Migration to Oracle Style VirtualBox Guest Additions.
Installation of VirtualBox from VirtualBox.org Repository has been completed.
Was not possible as of Debian
buster. Dependencies such as for package
glibcwere too new. This meant a host of updated dependencies from Debian unstable wer pulled and mixed with Debian stable, often leading to many issues including system instability.
The following comments in that file...
# - contrib # - non-free
...could be deleted but that is completely optional.
- Problems after upgrading Kicksecure - cannot full size Kicksecure screen