- VirtualBox zero-day published by disgruntled researcher
VirtualBox zero-day published by disgruntled researcher
silversurfer > 11-07-2018, 03:21 PM
Quote:A Russian security researcher has published details about a zero-day vulnerability affecting VirtualBox, an Oracle software application for running virtual machines.
According to a text file uploaded on You are not allowed to view links. Register or Login to view., Saint Petersburg-based researcher Sergey Zelenyuk has found a chain of bugs that can allow malicious code to escape the VirtualBox virtual machine (the guest OS) and execute on the underlying (host) operating system.
Once out of the VirtualBox VM, the malicious code runs in the OS' limited userspace (You are not allowed to view links. Register or Login to view.), but Zelenyuk said that attackers can use many of the already known privilege escalation bugs to gain kernel-level access (ring 0).
"The exploit is 100% reliable," Zelenyuk said. "It means it either works always or never because of mismatched binaries or other, more subtle reasons I didn't account."
The Russian researcher says the zero-day affects all current VirtualBox releases, works regardless of the host or guest operating system the user is running, and is reliable against the default configuration of newly created VMs.
Source: You are not allowed to view links. Register or Login to view.
RE: VirtualBox zero-day published by disgruntled researcher
mekelek > 11-07-2018, 04:10 PMafter the whole vulnerable driver fiasco someone would have to be really brave not to switch over to VMWare tbh.