Oracle VirtualBox Insufficient Input Validation Vulnerability
NVDKnown Exploited Vulnerability
CVE-2008-3431, Oracle VirtualBox Insufficient Input Validation Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.
The following remediation steps are recommended / required by March 24, 2022: Apply updates per vendor instructions.