Back to directory
WRITEUP #308

CVE-2024-21115: An Oracle Virtualbox LPE Used To Win Pwn2Own

Privilege EscalationLocal Privilege EscalationOut-of-bounds WriteMemory corruptionSecurity code review
by@cogallag(Cody Gallagher)
Bounty
20,000
Program
Oracle (VirtualBox)
Published
May 9, 2024
Added to HackDex
May 11, 2024
Read Full Writeuphttps://www.zerodayinitiative.com/blog/2024/5/9/cve-2024-21115-an-oracle-virtualbox-lpe-used-to-win-pwn2own
RELATED WRITEUPS
WhatsUp Gold SetAdminPassword Privilege Escalation (CVE-2024-5009)
Privilege EscalationLocal Privilege Escalation
Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey
Privilege EscalationLocal Privilege Escalation
3CX Phone System Local Privilege Escalation Vulnerability
Privilege EscalationLocal Privilege Escalation
Vulnerabilities in NodeJS C/C++ add-on extensions
OtherMemory corruption
I hacked a card printer software (CVE-2024-34329)
Privilege EscalationLocal Privilege Escalation

Built with ❤️ by Shubham Rawat