![]() However, it is usually sufficient to use the workaround described below and reconfigure the network interface to solve the problem. The attack scenario is described for interested blog readers in the Github post. Oracle global customer support invites you to preview some of the support. ![]() Then the attacker can use existing techniques to increase privileges and reach ring 0 via /dev/vboxdrv. Thread starter boliniak Start date Tags rdma nfs B. The vulnerability allows an attacker with root/administrator privileges on a guest system to break out of a guest system and enter the host string. This combination, referred to as E1000 in the GitHub article, has a vulnerability. The 0-day vulnerability can be exploited, if an Intel PRO/1000 MT Desktop (82540EM) network card is configured in the VM configuration in conjunction with the NAT network mode. This affects every host and guest operating system because the bug is in the shared code base. There is an unpatched vulnerability in VirtualBox 5.2.20 (released on October 16, 2018) and earlier versions. Therefore, he has decided to make full disclosure. ![]() He is probably quite frustrated with how reported bugs are handled by Oracle. The person who has discovered of the vulnerability has published the details on GitHub.
0 Comments
Leave a Reply. |