Intrusion Prevention

Oracle.VirtualBox.NatCrash.DoS

Description

This indicates an attack attempt against a Denial-Of-Service vulnerability in Oracle VirtualBox.
The vulnerability is due to a error in the application when handling a crafted TCP session sent from a virtual machine. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.

Affected Products

Oracle VirtualBox prior to 5.2.26, prior to 6.0.4

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.
https://www.virtualbox.org/wiki/Downloads

CVE References

CVE-2019-2527