VDB

CVE-2021-25319

CVE-2021-25319 PUBLISHED

A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. This issue affects: openSUSE Factory virtualbox version 6.1.20-1.1 and prior versions.

EPSS 0.02% · 7.2th percentile

Risk Scores

EPSS Score
0.02%
7.2th percentile

Affected Products

VendorProductVersions
Ubuntu:25.10virtualbox0, *, *
Ubuntu:24.04:LTSvirtualbox0, *, *
Ubuntu:20.04:LTSvirtualbox*, *, 0
Ubuntu:16.04:LTSvirtualbox*, 5.0.4-dfsg-2, 5.0.8-dfsg-1
Ubuntu:22.04:LTSvirtualbox*, 6.1.38-dfsg-3~ubuntu1.22.04.1, 6.1.48-dfsg-1~ubuntu1.22.04.1
Ubuntu:18.04:LTSvirtualbox*, *, *

Timeline

  • May 5, 2021 EPSS Score
  • May 5, 2021 CVE Published
  • Jul 8, 2021 EPSS Score
  • Sep 8, 2021 EPSS Score
  • Nov 9, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Mar 13, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 14, 2022 EPSS Score
  • Jul 16, 2022 EPSS Score
  • Sep 16, 2022 EPSS Score
  • Nov 17, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›