Oracle VM VirtualBox CVE-2017-3538 Local Security Bypass Vulnerability



Oracle VM VirtualBox is prone to a local security bypass vulnerability.

Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.

Versions prior to Oracle VM VirtualBox 5.1.16 and 5.0.34 are vulnerable.

Information

Bugtraq ID: 97698
Class: Design Error
CVE: CVE-2017-3538

Remote: No
Local: Yes
Published: Apr 17 2017 12:00AM
Updated: Apr 17 2017 12:00AM
Credit: Google Project Zero
Vulnerable: Oracle VM VirtualBox 5.1.14
Oracle VM VirtualBox 5.1.10
Oracle VM VirtualBox 5.1.8
Oracle VM VirtualBox 5.0.32
Oracle VM VirtualBox 5.0.28
Oracle VM VirtualBox 5.0.26
Oracle VM VirtualBox 5.0.22
Oracle VM VirtualBox 5.0.16
Oracle VM VirtualBox 5.0.14
Oracle VM VirtualBox 5.0.13
Oracle VM VirtualBox 5.0.12
Oracle VM VirtualBox 5.0.11
Oracle VM VirtualBox 5.0.10
Oracle VM VirtualBox 5.0.9
Oracle VM VirtualBox 5.0.8
Oracle VM VirtualBox 4.3.36
Oracle VM VirtualBox 4.3.35
Oracle VM VirtualBox 4.3.34
Oracle VM VirtualBox 4.3.33
Oracle VM VirtualBox 4.3.32
Oracle VM VirtualBox 4.3.26
Oracle VM VirtualBox 4.3.20
Oracle VM VirtualBox 4.3.19
Oracle VM VirtualBox 4.3.18
Oracle VM VirtualBox 4.3.17
Oracle VM VirtualBox 4.3.16
Oracle VM VirtualBox 4.3.15
Oracle VM VirtualBox 4.3.14
Oracle VM VirtualBox 4.3.12
Oracle VM VirtualBox 4.3.10
Oracle VM VirtualBox 4.3.9
Oracle VM VirtualBox 4.3.8
Oracle VM VirtualBox 4.3.7
Oracle VM VirtualBox 4.3.5
Oracle VM VirtualBox 4.2.36
Oracle VM VirtualBox 4.2.35
Oracle VM VirtualBox 4.2.34
Oracle VM VirtualBox 4.2.30
Oracle VM VirtualBox 4.2.27
Oracle VM VirtualBox 4.2.26
Oracle VM VirtualBox 4.2.24
Oracle VM VirtualBox 4.2.23
Oracle VM VirtualBox 4.2.19
Oracle VM VirtualBox 4.2.18
Oracle VM VirtualBox 4.2.14
Oracle VM VirtualBox 4.2.12
Oracle VM VirtualBox 4.1.44
Oracle VM VirtualBox 4.1.43
Oracle VM VirtualBox 4.1.42
Oracle VM VirtualBox 4.1.38
Oracle VM VirtualBox 4.1.35
Oracle VM VirtualBox 4.1.34
Oracle VM VirtualBox 4.1.32
Oracle VM VirtualBox 4.1.31
Oracle VM VirtualBox 4.1.29
Oracle VM VirtualBox 4.1.28
Oracle VM VirtualBox 4.1.24
Oracle VM VirtualBox 4.1.22
Oracle VM VirtualBox 4.1.20
Oracle VM VirtualBox 4.1.18
Oracle VM VirtualBox 4.1.16
Oracle VM VirtualBox 4.1.14
Oracle VM VirtualBox 4.1.10
Oracle VM VirtualBox 4.1.8
Oracle VM VirtualBox 4.0.36
Oracle VM VirtualBox 4.0.35
Oracle VM VirtualBox 4.0.34
Oracle VM VirtualBox 4.0.30
Oracle VM VirtualBox 4.0.27
Oracle VM VirtualBox 4.0.26
Oracle VM VirtualBox 4.0.24
Oracle VM VirtualBox 4.0.23
Oracle VM VirtualBox 4.0.21
Oracle VM VirtualBox 4.0.20
Oracle VM VirtualBox 4.0.18
Oracle VM VirtualBox 3.2.25
Oracle VM VirtualBox 3.2.24
Oracle VM VirtualBox 3.2.22
Oracle VM VirtualBox 3.2.21
Oracle VM VirtualBox 3.2.19
Oracle VM VirtualBox 3.2.18
Oracle VM VirtualBox 3.2.14
Oracle VM VirtualBox 3.0.1
Oracle VM VirtualBox 1.6.6
Oracle VM VirtualBox 5.0.18
Oracle VM VirtualBox 5.0
Oracle VM VirtualBox 4.3.6
Oracle VM VirtualBox 4.3.4
Oracle VM VirtualBox 4.3.2
Oracle VM VirtualBox 4.3
Oracle VM VirtualBox 4.2.8
Oracle VM VirtualBox 4.2.6
Oracle VM VirtualBox 4.2.4
Oracle VM VirtualBox 4.2.22
Oracle VM VirtualBox 4.2.20
Oracle VM VirtualBox 4.2.2
Oracle VM VirtualBox 4.2.16
Oracle VM VirtualBox 4.2.10
Oracle VM VirtualBox 4.2
Oracle VM VirtualBox 4.1.6
Oracle VM VirtualBox 4.1.4
Oracle VM VirtualBox 4.1.30
Oracle VM VirtualBox 4.1.26
Oracle VM VirtualBox 4.1.2
Oracle VM VirtualBox 4.1
Oracle VM VirtualBox 4.0.8
Oracle VM VirtualBox 4.0.6
Oracle VM VirtualBox 4.0.4
Oracle VM VirtualBox 4.0.22
Oracle VM VirtualBox 4.0.2
Oracle VM VirtualBox 4.0.16
Oracle VM VirtualBox 4.0.14
Oracle VM VirtualBox 4.0.12
Oracle VM VirtualBox 4.0.10
Oracle VM VirtualBox 4.0
Oracle VM VirtualBox 3.3
Oracle VM VirtualBox 3.2.8
Oracle VM VirtualBox 3.2.6
Oracle VM VirtualBox 3.2.4
Oracle VM VirtualBox 3.2.20
Oracle VM VirtualBox 3.2.2
Oracle VM VirtualBox 3.2.16
Oracle VM VirtualBox 3.2.12
Oracle VM VirtualBox 3.2.10
Oracle VM VirtualBox 3.2.0
Oracle VM VirtualBox 3.1.8
Oracle VM VirtualBox 3.1.6
Oracle VM VirtualBox 3.1.4
Oracle VM VirtualBox 3.1.2
Oracle VM VirtualBox 3.1
Oracle VM VirtualBox 3.0.8
Oracle VM VirtualBox 3.0.6
Oracle VM VirtualBox 3.0.4
Oracle VM VirtualBox 3.0.2
Oracle VM VirtualBox 3.0.14
Oracle VM VirtualBox 3.0.12
Oracle VM VirtualBox 3.0.10
Oracle VM VirtualBox 3.0.0
Oracle VM VirtualBox 2.2.4
Oracle VM VirtualBox 2.2.2
Oracle VM VirtualBox 2.2.0
Oracle VM VirtualBox 2.2
Oracle VM VirtualBox 2.1.4
Oracle VM VirtualBox 2.1.2
Oracle VM VirtualBox 2.1.0
Oracle VM VirtualBox 2.0.8
Oracle VM VirtualBox 2.0.6
Oracle VM VirtualBox 2.0.4
Oracle VM VirtualBox 2.0.2
Oracle VM VirtualBox 2.0.12
Oracle VM VirtualBox 2.0.10
Oracle VM VirtualBox 1.6.4
Oracle VM VirtualBox 1.6.2
Oracle VM VirtualBox 1.6.0


Not Vulnerable: Oracle VM VirtualBox 5.1.16
Oracle VM VirtualBox 5.0.34


Exploit


The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

