CVE-2021-25319

Summary

A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Factory virtualbox version 6.1.20-1.1 and prior versions.

Affected Software

VendorProductVersion RangeStatus
openSUSEFactoryvirtualbox <= 6.1.20-1.1affected

Weaknesses

  • CWE-276: CWE-276: Incorrect Default Permissions

ADP Enrichment

CVE Program Container

Additional References

References