CVE-2008-3431 — HIGH (8.8) — White Hats Nepal

Q: How severe is CVE-2008-3431?

CVE-2008-3431 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-3431?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Virtualbox.

Vulnerability Description

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Oracle	Virtualbox	< 1.6.4

References

http://secunia.com/advisories/31361Broken LinkVendor Advisory
http://securityreason.com/securityalert/4107Broken Link
http://securitytracker.com/id?1020625Broken LinkThird Party AdvisoryVDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-66-240095-1Broken Link
http://virtualbox.org/wiki/ChangelogProduct
http://www.coresecurity.com/content/virtualbox-privilege-escalation-vulnerabilitExploitThird Party Advisory
http://www.securityfocus.com/archive/1/495095/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/30481Broken LinkExploitThird Party Advisory
http://www.vupen.com/english/advisories/2008/2293Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/44202Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/6218ExploitThird Party AdvisoryVDB Entry
http://secunia.com/advisories/31361Broken LinkVendor Advisory
http://securityreason.com/securityalert/4107Broken Link
http://securitytracker.com/id?1020625Broken LinkThird Party AdvisoryVDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-66-240095-1Broken Link

FAQ

What is CVE-2008-3431?

CVE-2008-3431 is a vulnerability with a CVSS score of 8.8 (HIGH). The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with th...

How severe is CVE-2008-3431?

CVE-2008-3431 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-3431?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Virtualbox.