6965 matches found
VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation Exploit
Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1103 VirtualBox: Windows Process COM Injection EoP Platform: VirtualBox v5.0.32 r112930 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening...
VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Exploit
Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the...
Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config
Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1141 This is another way to escalate from an unprivileged userspace process into the VirtualBox process, which has a...
Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation
Oracle VM VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1103 VirtualBox: Windows Process COM Injection EoP Platform: VirtualBox v5.0.32 r112930 x64 Tested on Windows 10 Class: Elevation of...
Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation
Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1091 This bug report describes two separate issues that, when combined, allow any user on a Linux host system on which VirtualB...
Oracle VM VirtualBox - virtio-net Guest-to-Host Out-of-Bounds Write
Oracle VM VirtualBox - virtio-net Guest-to-Host Out-of-Bounds Write Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1136 This is a vulnerability that affects VirtualBox VMs that use a virtio network adapter which is a non-standard configuration. It permits the guest kernel to...
Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy
Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network...
Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1141 This is another way to escalate from an unprivileged userspace process into the VirtualBox process, which has an open file descriptor to the privileged device /dev/vboxdrv and can use that to compromise the host kernel. The...
Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the userspace host process and leak memory contents from the...
Oracle VM VirtualBox 5.0.x < 5.0.38 / 5.1.x < 5.1.20 (April 2017 CPU)
The version of Oracle VM VirtualBox installed on the remote host is 5.0.x prior to 5.0.38 or 5.1.x prior to 5.1.20. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Core component that allows a local attacker to disclose potentially sensitive informatio...
Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1091 This bug report describes two separate issues that, when combined, allow any user on a Linux host system on which VirtualBox is installed to gain code execution in the kernel. Since I'm not sure which one of these issues cross...
Oracle VM VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1136 This is a vulnerability that affects VirtualBox VMs that use a virtio network adapter which is a non-standard configuration. It permits the guest kernel to write up to 4GB of controlled data out of bounds in the trusted userla...
Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1103 VirtualBox: Windows Process COM Injection EoP Platform: VirtualBox v5.0.32 r112930 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening implemented by the VirtualBox driver can be circumvented ...
VirtualBox Unprivilege Host User To Host Kernel Privilege Escalation Exploit
Exploit for linux platform in category local exploits VirtualBox: unprivileged host user - host kernel privesc via ALSA config CVE-2017-3576 This is another way to escalate from an unprivileged userspace process into the VirtualBox process, which has an open file descriptor to the privileged devi...
VirtualBox Unprivilege Host User To Host Kernel Privilege Escalation
VirtualBox: unprivileged host user - host kernel privesc via ALSA config CVE-2017-3576 This is another way to escalate from an unprivileged userspace process into the VirtualBox process, which has an open file descriptor to the privileged device /dev/vboxdrv and can use that to compromise the hos...
VirtualBox Guest-To-Host Out-Of-Bounds Write Exploit
Exploit for multiple platform in category dos / poc VirtualBox: guest-to-host out-of-bounds write via virtio-net CVE-2017-3575 This is a vulnerability that affects VirtualBox VMs that use a virtio network adapter which is a non-standard configuration. It permits the guest kernel to write up to 4G...
VirtualBox: guest-to-host LPE via broken length handling in slirp copy
There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the userspace host process and leak memory contents from the userspace host process. This probably permits an attacker with root privileg...
VirtualBox: unprivileged host user -> host kernel privesc via environment and ioctl (CVE-2017-3561)
This bug report describes two separate issues that, when combined, allow any user on a Linux host system on which VirtualBox is installed to gain code execution in the kernel. Since I'm not sure which one of these issues crosses something you consider to be a privilege boundary, I'm reporting the...
VirtualBox: unprivileged host user -> host kernel privesc via ALSA config( CVE-2017-3576)
This is another way to escalate from an unprivileged userspace process into the VirtualBox process, which has an open file descriptor to the privileged device /dev/vboxdrv and can use that to compromise the host kernel. The issue is that, for VMs with ALSA audio, the privileged VM host process...
VirtualBox: guest-to-host out-of-bounds write via virtio-net (CVE-2017-3575)
This is a vulnerability that affects VirtualBox VMs that use a virtio network adapter which is a non-standard configuration. It permits the guest kernel to write up to 4GB of controlled data out of bounds in the trusted userland host process. The bug is in the following code in...