vulnerability

Gentoo Linux: CVE-2021-35538: Oracle VirtualBox: Multiple Vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Oct 20, 2021

Added

Sep 1, 2022

Modified

Mar 31, 2026

Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability does not apply to Windows systems. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Solutions

gentoo-linux-upgrade-app-emulation-virtualboxgentoo-linux-upgrade-app-emulation-virtualbox-additionsgentoo-linux-upgrade-app-emulation-virtualbox-extpack-oraclegentoo-linux-upgrade-app-emulation-virtualbox-guest-additionsgentoo-linux-upgrade-app-emulation-virtualbox-modules

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report