Oracle VirtualBox Insufficient Input Validation Vulnerability

NVD

Known Exploited Vulnerability

CVE-2008-3431, Oracle VirtualBox Insufficient Input Validation Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.

The following remediation steps are recommended / required by March 24, 2022: Apply updates per vendor instructions.