Control: severity -1 critical
Raising severity because this bug can be used by any local user to elevate
privileges.
Also, before this bug is fixed upstream, it is possible to use this patch as a
band-aid:
--- a/src/VBox/Devices/Network/DevE1000.cpp
+++ b/src/VBox/Devices/Network/DevE1000.cpp
Source: virtualbox
Version: 5.2.20-dfsg-3
Severity: grave
Tags: security upstream
Justification: user security hole
Hi
See https://github.com/MorteNoir1/virtualbox_e1000_0day for the
respective report.
Regards,
Salvatore
2 matches
Mail list logo
