VirtualBox

Ticket #3444 (closed defect: fixed)

Opened 5 years ago

Last modified 5 years ago

Privilege Escalation

Reported by: vapier
Owned by:
Priority: critical
Component: other
Version:
Keywords:
Cc:
Guest type: other
Host type: Linux

Description (last modified by frank)

description of this report deleted

Change History

comment:2 Changed 5 years ago by frank

  • Description modified
  • Summary changed from privilege escalation due to DT_RPATH:$ORIGIN and set*id to Privilege Escalation

Thanks for this report, we will fix this ASAP.

comment:3 Changed 5 years ago by frank

This bug applies only to the Linux .run packages (no other host architecture and no .deb/.rpm package). We replaced the 2.0.6 and 2.1.4 .run packages. You will find the updated builds as well as updated OSE archives at the download page.

A more detailed report will follow.

comment:4 Changed 5 years ago by vapier

OSE seems to encourage $ORIGIN usage too ... at least on Debian systems, apt-get install virtualbox-ose will result in the same issue.

comment:5 Changed 5 years ago by frank

Right, this will be fixed when generating new packages using the updated OSE 2.1.4 tarball.

comment:6 Changed 5 years ago by frank

To be more specific, r17168 plus r17169 plus r17171 will fix the problem in OSE builds.

comment:7 Changed 5 years ago by frank

Btw, Debian/Lenny is not affected as it ships VirtualBox 1.6.6 (without suid binaries).

comment:8 Changed 5 years ago by frank

  • Status changed from new to closed
  • Resolution set to fixed
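
A host-side audit for the condition named in this ticket's original summary ($ORIGIN in DT_RPATH on set*id binaries), as an added example that is not part of the ticket or of VirtualBox's own code. The function names are hypothetical, the scan needs `find` and `readelf` from binutils, and it also reports DT_RUNPATH entries, which goes slightly beyond the DT_RPATH case in the summary.

```shell
#!/bin/sh
# Added example: report set*id ELF files whose DT_RPATH/DT_RUNPATH
# contains $ORIGIN, i.e. a library search path that follows the binary's
# own location instead of a fixed, root-owned directory.

# Read `readelf -d` output on stdin and print every RPATH/RUNPATH search
# path entry containing $ORIGIN or ${ORIGIN}. Exit status 0 if any found.
origin_entries() {
    awk '
        /\((RPATH|RUNPATH)\)/ {
            # The path list is the bracketed part: "Library rpath: [a:b]"
            if (match($0, /\[.*\]/)) {
                n = split(substr($0, RSTART + 1, RLENGTH - 2), dirs, ":")
                for (i = 1; i <= n; i++)
                    if (index(dirs[i], "$ORIGIN") || index(dirs[i], "${ORIGIN}")) {
                        print dirs[i]
                        found = 1
                    }
            }
        }
        END { exit !found }
    '
}

# Walk the given directories and list set-user-ID / set-group-ID regular
# files whose dynamic section carries such an entry.
scan_setid_origin() {
    find "$@" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r f; do
        # Non-ELF files and files without a match are skipped silently.
        hits=$(readelf -d "$f" 2>/dev/null | origin_entries) || continue
        printf '%s: %s\n' "$f" "$(printf '%s' "$hits" | tr '\n' ' ')"
    done
}

# Run the scan only when directories are passed on the command line.
if [ "$#" -gt 0 ]; then
    scan_setid_origin "$@"
fi
```

Saved under a name of your choice and run as root with the installation prefixes to check as arguments, it prints one line per affected file. An empty result after upgrading to the fixed packages is the expected outcome.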