Oracle VM VirtualBox – VM Escape via VGA Device
(github.com/google)
An integer overflow vulnerability exists within the VirtualBox vmsvga3dSurfaceMipBufferSize [source] function. This vulnerability allows an attacker to manipulate a malloc call such that 0 bytes are allocated while VirtualBox tracks the size of the buffer as a value greater than 0.
An integer overflow vulnerability exists within the VirtualBox vmsvga3dSurfaceMipBufferSize [source] function. This vulnerability allows an attacker to manipulate a malloc call such that 0 bytes are allocated while VirtualBox tracks the size of the buffer as a value greater than 0.