>CVE-2018-2698 is a powerful OOB read/write primitive in the (always-on) VBVA graphics component. It can be used to escape a VBox VM and escalate privs to SYSTEM on Windows 10 hosts. Since the patch is public now, definitely upgrade if you are running mali

Name
Email
Subject
Comment *
File	Select/drop/paste files here
* = required field	[▶ Show post options & limits] Confused? See the FAQ.

Name

Subject

Comment *

File

Select/drop/paste files here

* = required field

[▶ Show post options & limits]
Confused? See the FAQ.

Flag
Oekaki	Show oekaki applet (replaces files and can be used instead)
Options	Do not bump (you can also write sage in the email field) Spoiler images (this replaces the thumbnails of your images with question marks)
Password	(For file and post deletion.)
Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf Max filesize is 16 MB. Max image dimensions are 15000 x 15000. You may upload 3 per post.

Flag

Oekaki

Show oekaki applet
(replaces files and can be used instead)

Options

Do not bump
(you can also write sage in the email field)

Spoiler images
(this replaces the thumbnails of your images with question marks)

Password

(For file and post deletion.)

Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 3 per post.

File (hide): 08e84c57e783156⋯.jpeg (132.24 KB, 1360x961, 1360:961, virtual box escape.jpeg) (h) (u)

[–]

▶Anonymous 01/22/18 (Mon) 23:32:37 No.856477>>856499 >>857563 [Watch Thread][Show All Posts]

>CVE-2018-2698 is a powerful OOB read/write primitive in the (always-on) VBVA graphics component. It can be used to escape a VBox VM and escalate privs to SYSTEM on Windows 10 hosts. Since the patch is public now, definitely upgrade if you are running malicious code inside a VM.

Pajeet tech support scammers now using this virtualbox escape to fuck the people who prank them :D

▶Anonymous 01/22/18 (Mon) 23:39:46 No.856485

OP is just a street shitter who is trying to scam more money

▶Anonymous 01/22/18 (Mon) 23:45:24 No.856492

>Windows 10 hosts

Why would you mess with a Pajeet in his own territory?

around pajeets shit in the streets

▶Anonymous 01/23/18 (Tue) 00:01:27 No.856499>>856505

>>856477 (OP)

Does it only work on win10 hosts or other hosts as well?

▶Anonymous 01/23/18 (Tue) 00:12:22 No.856505>>856556

>>856499

It's a bug in virtualbox, it probably works on most hosts. It's been fixed, just update.

▶sage 01/23/18 (Tue) 02:10:59 No.856556>>856625

>>856505

yea this is not something to be concerned about.

▶Anonymous 01/23/18 (Tue) 05:46:41 No.856625>>857470

>>856556

yep, just a miner bug goyim, just let's you pull root on the host system from inside of a virtual machine, no big deal. just update at your earliest convenience.

▶Anonymous 01/23/18 (Tue) 07:29:35 No.856647>>856867

https://www.virtualbox.org/changeset/69884/vbox

>Devices/Graphics: Use offsets instead of pointers as arguments in VDMA blitter

Look how nonchalant they are about the commit message.

pDstDesc->pitch was previously being fed into a memcpy unchecked.

▶Anonymous 01/23/18 (Tue) 19:55:51 No.856867

>>856647

Isn't that common? no need to draw attention with a commit message

▶Anonymous 01/24/18 (Wed) 22:46:56 No.857470

>>856625

>miner bug

kek

▶Anonymous 01/25/18 (Thu) 03:01:09 No.857563

>>856477 (OP)

>2698

Did they change the numbering system or are we already this fucked before the first month of the year is even over?

/tech/ - Technology★

General

WebM

Theme

User JS

Do not paste code here unless you absolutely trust the source or have read it yourself!

Favorites

Customize Formatting

Filters