VirtualBox-OSE vulnerability

Frank Mehnert Frank.Mehnert at Sun.COM
Thu Feb 26 22:07:10 GMT 2009


Sun is still preparing an official security announcement but I would
like to point out a security issue of all VirtualBox versions >= 2.0.
The problem is that the SUID stubs (VirtualBox, VBoxSDL, VBoxHeadless)
have the linker flags RPATH=$ORIGIN set by default. Using a hardlink
an attacker can gain root permissions by overwriting a system library
in his local directory.

We fixed this problem in our public SVN in the following changesets:

These changesets are included in the updated 2.1.4 OSE archive on
our public website. In general I would suggest you to update to
version 2.1.4 as this version fixes _many_ bugs of version 2.1.0
(which is currently part of Jaunty).

Kind regards,

Dr.-Ing. Frank Mehnert    Sun Microsystems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : 

More information about the Ubuntu-motu mailing list