KLA11027 Multiple vulnerabilities in Oracle VM VirtualBox

Multiple serious vulnerabilities have been found in Oracle VM VirtualBox. Malicious users can exploit these vulnerabilities to cause a denial of service, read and write accesible data and possibly to obtain sensitive information.

Below is a complete list of vulnerabilities:

1. Multiple unspecified vulnerabilities in subcomponent Core of Oracle Virtualization component can be exploited remotely possibly to obtain sensitive information;
2. Multiple unspecified vulnerabilities in subcomponent Core of Oracle Virtualization component can be exploited remotely to cause a denial of service (it can be either hang or frequently repeatable crash), write to some of Oracle VM VirtualBox accessible data and read a subset of Oracle VM VirtualBox accessible data;
3. An unspecified vulnerability in subcomponent Shared Folder of Oracle Virtualization component can be exploited remotely to cause a denial of service (it can be either hang or frequently repeatable crash);
4. An unspecified vulnerability in subcomponent Core of Oracle Virtualization component can be exploited remotely to cause a denial of service (it can be either hang or frequently repeatable crash), write to some of Oracle VM VirtualBox accessible data and read a subset of Oracle VM VirtualBox accessible data;
5. An unspecified vulnerability in subcomponent Core of Oracle Virtualization component can be exploited remotely to cause a denial of service (it can be either hang or frequently repeatable crash), write to some of Oracle VM VirtualBox accessible data;
6. An unspecified vulnerability in subcomponent Core of Oracle Virtualization component can be exploited remotely to read a subset of Oracle VM VirtualBox accessible data.

Technical details

Vulnerabilities (1)-(3) can be exploited by a low privileged user with logon to the infrastructure where OracleVM VirtualBox is executed.

Vulnerabilities (4)-(6) can be exploited by a high privileged user with logon to the infrastructure where OracleVM VirtualBox is executed.

Original advisories

Oracle Critical Patch Update Advisory

Exploitation

Public exploits exist for this vulnerability.

Related products

Oracle-VirtualBox

CVE list

CVE-2017-3575 warning

CVE-2017-3576 warning

CVE-2017-3513 warning

CVE-2017-3587 warning

CVE-2017-3558 warning

CVE-2017-3559 warning

CVE-2017-3561 warning

CVE-2017-3563 warning

Solution

Update to the latest versions

Download Oracle VM VirtualBox

Impacts

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• WLF

Write Local Files. Exploitation of vulnerabilities with this impact can lead to writing into some inaccessible files. Files that can be read depends on concrete program errors.

• RLF

Read Local Files. Exploitation of vulnerabilities with this impact can lead to reading some inaccessible files. Files that can be read depends on conсrete program errors.

Affected Products

• Oracle VM VirtualBox earlier than 5.0.38Oracle VM VirtualBox 5.1.x earlier than 5.1.20