<div dir="auto">Hi,<div dir="auto"><br></div><div dir="auto">According to the same researcher, Virtualbox 5.2.22 fixes the vulnerability:</div><div dir="auto"><br></div><div dir="auto"><a href="https://github.com/MorteNoir1/virtualbox_e1000_0day/issues/12">https://github.com/MorteNoir1/virtualbox_e1000_0day/issues/12</a><br></div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">Regards,</div><div dir="auto">Mihai</div></div><br><div class="gmail_quote"><div dir="ltr">On Sat, 10 Nov 2018, 23:26 Stéphane Charette <<a href="mailto:stephanecharette@gmail.com">stephanecharette@gmail.com</a> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">This just hit Slashdot:  "<span style="color:rgb(54,54,54);font-family:Arial,sans-serif;font-size:13px">According to a text file uploaded on GitHub, Saint Petersburg-based researcher Sergey Zelenyuk has found a chain of bugs t</span>hat can allow malicious code to escape the VirtualBox virtual machine (the guest OS) and execute on <span style="color:rgb(54,54,54);font-family:Arial,sans-serif;font-size:13px">the underlying (host) operating system."</span><div><font color="#363636" face="Arial, sans-serif"><br></font></div><div><font color="#363636" face="Arial, sans-serif">One example article:  </font><span style="color:rgb(54,54,54);font-family:Arial,sans-serif"><a href="https://www.zdnet.com/article/virtualbox-zero-day-published-by-disgruntled-researcher/" target="_blank" rel="noreferrer">https://www.zdnet.com/article/virtualbox-zero-day-published-by-disgruntled-researcher/</a></span></div><div><font color="#363636" face="Arial, sans-serif"><br></font></div><div><font color="#363636" face="Arial, sans-serif">Slashdot:  <a href="https://developers.slashdot.org/story/18/11/10/1739206/disgruntled-security-researcher-publishes-major-virtualbox-0-day-exploit" target="_blank" rel="noreferrer">https://developers.slashdot.org/story/18/11/10/1739206/disgruntled-security-researcher-publishes-major-virtualbox-0-day-exploit</a></font></div><div><font color="#363636" face="Arial, sans-serif"><br></font></div><div><font color="#363636" face="Arial, sans-serif">His github repo has the technical details.  He shows how you can create a console shell to start on the host by using a buffer overrun in the guest:  </font><span style="color:rgb(54,54,54);font-family:Arial,sans-serif"><a href="https://github.com/MorteNoir1/virtualbox_e1000_0day" target="_blank" rel="noreferrer">https://github.com/MorteNoir1/virtualbox_e1000_0day</a></span></div><div><font color="#363636" face="Arial, sans-serif"><br></font></div><div><font color="#363636" face="Arial, sans-serif">The "disgruntled security researcher" part is difficult to read and understand due to broken English.  More info is available on his github page.</font></div><div><br></div><div><div><div>Stéphane</div><div><br></div>-- <br><div dir="ltr" class="m_6874440874719803913gmail_signature"><table border="0" cellpadding="0" cellspacing="0">
    <tbody>
        <tr>
            <td align="left" valign="bottom" width="107" style="line-height:0;vertical-align:bottom;padding-right:10px;padding-top:20px;padding-bottom:20px">
                <a href="https://about.me/stephane.charette?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api&utm_content=thumb" style="text-decoration:none" target="_blank" rel="noreferrer">
                    <img src="https://thumbs.about.me/thumbnail/users/s/t/e/stephane.charette_emailsig.jpg?_1526512512_975" alt="" width="105" height="70" style="margin:0px;padding:0px;display:block;border:1px solid rgb(238,238,238)">
                </a>
            </td>
            <td align="left" valign="bottom" style="line-height:1.1;vertical-align:bottom;padding-top:20px;padding-bottom:20px">
                <img src="https://about.me/t/sig?u=stephane.charette" width="1" height="1" style="border:0px;margin:0px;padding:0px;overflow:hidden">
                <div style="font-size:18px;font-weight:bold;color:rgb(51,51,51);font-family:"Proxima Nova",Helvetica,Arial,sans-serif">Stéphane Charette</div>
                <a href="https://about.me/stephane.charette?promo=email_sig&utm_source=product&utm_medium=email_sig&utm_campaign=gmail_api&utm_content=thumb" style="text-decoration:none;font-size:12px;color:rgb(43,130,173);font-family:"Proxima Nova",Helvetica,Arial,sans-serif" target="_blank" rel="noreferrer">about.me/stephane.charette
                </a>
            </td>
        </tr>
    </tbody>
</table>
</div></div></div></div></div></div></div>
_______________________________________________<br>
vbox-dev mailing list<br>
<a href="mailto:vbox-dev@virtualbox.org" target="_blank" rel="noreferrer">vbox-dev@virtualbox.org</a><br>
<a href="https://www.virtualbox.org/mailman/listinfo/vbox-dev" rel="noreferrer noreferrer" target="_blank">https://www.virtualbox.org/mailman/listinfo/vbox-dev</a><br>
</blockquote></div>