VirtualBox-OSE vulnerability
Frank Mehnert
Frank.Mehnert at Sun.COM
Thu Feb 26 22:07:10 GMT 2009
Hi,
Sun is still preparing an official security announcement but I would
like to point out a security issue of all VirtualBox versions >= 2.0.
The problem is that the SUID stubs (VirtualBox, VBoxSDL, VBoxHeadless)
have the linker flags RPATH=$ORIGIN set by default. Using a hardlink
an attacker can gain root permissions by overwriting a system library
in his local directory.
We fixed this problem in our public SVN in the following changesets:
http://www.virtualbox.org/changeset/17168
http://www.virtualbox.org/changeset/17169
http://www.virtualbox.org/changeset/17171
These changesets are included in the updated 2.1.4 OSE archive on
our public website. In general I would suggest you to update to
version 2.1.4 as this version fixes _many_ bugs of version 2.1.0
(which is currently part of Jaunty).
Kind regards,
Frank
--
Dr.-Ing. Frank Mehnert Sun Microsystems http://www.sun.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ubuntu.com/archives/ubuntu-motu/attachments/20090226/4ee2eb39/attachment.pgp
More information about the Ubuntu-motu
mailing list