CVE-2008-3431 : The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.

Published 2008-08-05 19:41:00

Updated 2025-03-14 19:06:47

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2008-3431

Oracle » Virtualbox
Versions before (<) 1.6.4
cpe:2.3:a:oracle:virtualbox:*:*:*:*:*:*:*:*
Matching versions

CVE-2008-3431 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:

Oracle VirtualBox Insufficient Input Validation Vulnerability

CISA required action:

Apply updates per vendor instructions.

CISA description:

An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.

Notes:

https://nvd.nist.gov/vuln/detail/CVE-2008-3431

Added on 2022-03-03 Action due date 2022-03-24

Exploit prediction scoring system (EPSS) score for CVE-2008-3431

EPSS FAQ

3.53%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 87 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-3431

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H	2.0	6.0	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-02-10
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High
8.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H	2.0	6.0	NIST	2024-07-16
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

References for CVE-2008-3431

http://www.vupen.com/english/advisories/2008/2293

Site en construction
Broken Link
http://www.securityfocus.com/archive/1/495095/100/0/threaded

Broken Link;Third Party Advisory;VDB Entry
http://virtualbox.org/wiki/Changelog

Oracle VM VirtualBox
Product
http://securityreason.com/securityalert/4107

Sun xVM VirtualBox Privilege Escalation Vulnerability - CXSecurity.com
Broken Link
http://www.coresecurity.com/content/virtualbox-privilege-escalation-vulnerability

VirtualBox Privilege Escalation Vulnerability | CoreLabs Advisories
Exploit;Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-240095-1

Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/44202

Sun xVM VirtualBox privilege escalation CVE-2008-3431 Vulnerability Report
Third Party Advisory;VDB Entry
http://secunia.com/advisories/31361

About Secunia Research | Flexera
Broken Link;Vendor Advisory
http://www.securityfocus.com/bid/30481

Broken Link;Exploit;Third Party Advisory;VDB Entry
http://securitytracker.com/id?1020625

GoDaddy Domain Name Search
Broken Link;Third Party Advisory;VDB Entry
https://www.exploit-db.com/exploits/6218

Sun xVM VirtualBox < 1.6.4 - Privilege Escalation (PoC) - Multiple dos Exploit
Exploit;Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2008-3431

Products affected by CVE-2008-3431

CVE-2008-3431 is in the CISA Known Exploited Vulnerabilities Catalog

Exploit prediction scoring system (EPSS) score for CVE-2008-3431

CVSS scores for CVE-2008-3431

References for CVE-2008-3431