Oracle VM VirtualBox local vulnerabilities (CVE-2014-6590)
Release date:
Updated on:
Affected Systems:
Oracle VM VirtualBox <4.3.20
Description:
Bugtraq id: 72213
CVE (CAN) ID: CVE-2014-6590
VirtualBox is a x86 virtualization product.
Oracle VM VirtualBox has a local security vulnerability in the implementation of the VMSVGA device sub-component. authenticated local attackers can exploit this vulnerability to affect the integrity and availability of affected components. Versions affected by this vulnerability include versions earlier than 4.3.20.
<* Source: Oracle
Link: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
*>
Suggestion:
Vendor patch:
Oracle
------
Oracle has released a Security Bulletin (cpujan2015-1972971) and patches for this:
Cpujan2015-1972971: Oracle Critical Patch Update Advisory-January 2015
Link: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
This article permanently updates the link address: