VirtualBox Zero-day Vulnerability

VirtualBox has always been one of the most popular virtualization tools on the market. It's free, open-source and available on all platforms. VirtualBox is currently developed and maintained by Oracle.

Recently, a Russian vulnerability researcher and exploit developer published detailed information about a zero-day vulnerability in VirtualBox. His explanation includes a step-by-step guide to exploiting the bug. The bug is in the software itself, so all platforms are vulnerable.

Using the bug, an attacker would easily escape the virtual environment and reach the Ring 3 privilege layer – a layer for running code from most user programs with the least privileges.

How the vulnerability works

Sergey Zelenyuk, who identified the bug, details how it can be leveraged on virtual machines configured with the “Intel PRO/1000 MT Desktop (82540EM)” network adapter in NAT mode. It’s the default setup of all the guest systems for accessing external networks.

According to a technical write-up by Zelenyuk, the network adapter has a vulnerability that allows an attacker with root/admin privilege to escape to the host Ring 3. Then, using existing techniques, the attacker can escalate privileges to Ring 0 via /dev/vboxdrv.

The researcher describes the mechanics in detail, showing how to create the necessary conditions for obtaining a buffer overflow to abuse and escape the virtual confinement.
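To check whether a host runs guests in the configuration described above, the following added example (not part of the original article or of Zelenyuk's write-up) parses `VBoxManage showvminfo --machinereadable` output and reports adapter slots that are both 82540EM and attached via NAT. The sample output and the function names are constructed for illustration.

```python
import re
import subprocess

# Constructed sample of `VBoxManage showvminfo <vm> --machinereadable` output.
SAMPLE = '''name="build-box"
nic1="nat"
nictype1="82540EM"
cableconnected1="on"
nic2="bridged"
nictype2="82540EM"
nic3="nat"
nictype3="Am79C973"
nic4="none"
'''

# Matches only the attachment-mode (nicN) and adapter-model (nictypeN) keys.
KEY_RE = re.compile(r'^(nic|nictype)(\d+)="([^"]*)"$')

def exposed_slots(info_text):
    """Return adapter slots that are both 82540EM and attached via NAT."""
    mode, model = {}, {}
    for line in info_text.splitlines():
        m = KEY_RE.match(line.strip())
        if not m:
            continue
        key, slot, value = m.group(1), int(m.group(2)), m.group(3)
        (mode if key == "nic" else model)[slot] = value.lower()
    return sorted(s for s in mode
                  if mode[s] == "nat" and model.get(s) == "82540em")

def audit_host():
    """Map VM name -> exposed slots, using the local VBoxManage CLI."""
    listing = subprocess.run(["VBoxManage", "list", "vms"],
                             capture_output=True, text=True, check=True).stdout
    report = {}
    # Each line of `list vms` looks like: "vm name" {uuid}
    for name in re.findall(r'^"(.*)" \{[0-9a-f-]+\}$', listing, re.M):
        info = subprocess.run(
            ["VBoxManage", "showvminfo", name, "--machinereadable"],
            capture_output=True, text=True, check=True).stdout
        slots = exposed_slots(info)
        if slots:
            report[name] = slots
    return report

if __name__ == "__main__":
    print(exposed_slots(SAMPLE))  # parses the constructed sample only
```

`audit_host()` needs VirtualBox installed on the machine where it runs; `exposed_slots()` works on any saved copy of the command output.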

100% Reliable

The exploit Zelenyuk wrote relies on the two conditions. Although it is not impossible, an attacker has to chain another vulnerability to gain increased privileges on the host system.

Here’s a demo he showed.
