What versions of Oracle VM VirtualBox are affected by CVE-2014-6540?

CVE-2014-6540 affects Oracle VM VirtualBox versions before 4.1.34, 4.2.26, and 4.3.14.

What is the nature of the vulnerability in CVE-2014-6540?

The vulnerability in CVE-2014-6540 allows local users to impact availability related to the graphics driver (WDDM) for Windows guests.

How can I mitigate CVE-2014-6540?

To mitigate CVE-2014-6540, update Oracle VM VirtualBox to a version that is 4.1.34 or later, 4.2.26 or later, or 4.3.14 or later.

Is CVE-2014-6540 a remote or local vulnerability?

CVE-2014-6540 is classified as a local vulnerability affecting users who have access to the affected VirtualBox environment.

What should I do if I am unable to update Oracle VM VirtualBox to fix CVE-2014-6540?

If you cannot update, consider isolating the affected systems and restricting user access until a patch can be applied.

Vulnerability/
CVE-2014-6540

low

1.9

15/10/2014

6/8/2024

CVE-2014-6540

First published: Wed Oct 15 2014(Updated: )

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, before 4.2.26, and before 4.3.14 allows local users to affect availability via vectors related to Graphics driver (WDDM) for Windows guests.

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle VM VirtualBox	<=4.2.24
Oracle VM VirtualBox	=4.2.0
Oracle VM VirtualBox	=4.2.2
Oracle VM VirtualBox	=4.2.4
Oracle VM VirtualBox	=4.2.6
Oracle VM VirtualBox	=4.2.8
Oracle VM VirtualBox	=4.2.10
Oracle VM VirtualBox	=4.2.12
Oracle VM VirtualBox	=4.2.14
Oracle VM VirtualBox	=4.2.16
Oracle VM VirtualBox	=4.2.18
Oracle VM VirtualBox	=4.2.20
Oracle VM VirtualBox	=4.2.22
Oracle VM VirtualBox	<=4.3.12
Oracle VM VirtualBox	=4.3.0
Oracle VM VirtualBox	=4.3.2
Oracle VM VirtualBox	=4.3.4
Oracle VM VirtualBox	=4.3.6
Oracle VM VirtualBox	=4.3.8
Oracle VM VirtualBox	=4.3.10
Oracle VM VirtualBox	<=4.1.32
Oracle VM VirtualBox	=4.1.0
Oracle VM VirtualBox	=4.1.2
Oracle VM VirtualBox	=4.1.4
Oracle VM VirtualBox	=4.1.6
Oracle VM VirtualBox	=4.1.8
Oracle VM VirtualBox	=4.1.10
Oracle VM VirtualBox	=4.1.12
Oracle VM VirtualBox	=4.1.14
Oracle VM VirtualBox	=4.1.16
Oracle VM VirtualBox	=4.1.18
Oracle VM VirtualBox	=4.1.20
Oracle VM VirtualBox	=4.1.22
Oracle VM VirtualBox	=4.1.24
Oracle VM VirtualBox	=4.1.26
Oracle VM VirtualBox	=4.1.28
Oracle VM VirtualBox	=4.1.30

Remedy

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What versions of Oracle VM VirtualBox are affected by CVE-2014-6540?
CVE-2014-6540 affects Oracle VM VirtualBox versions before 4.1.34, 4.2.26, and 4.3.14.
What is the nature of the vulnerability in CVE-2014-6540?
The vulnerability in CVE-2014-6540 allows local users to impact availability related to the graphics driver (WDDM) for Windows guests.
How can I mitigate CVE-2014-6540?
To mitigate CVE-2014-6540, update Oracle VM VirtualBox to a version that is 4.1.34 or later, 4.2.26 or later, or 4.3.14 or later.
Is CVE-2014-6540 a remote or local vulnerability?
CVE-2014-6540 is classified as a local vulnerability affecting users who have access to the affected VirtualBox environment.
What should I do if I am unable to update Oracle VM VirtualBox to fix CVE-2014-6540?
If you cannot update, consider isolating the affected systems and restricting user access until a patch can be applied.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/last-modified-date
agent/severity
agent/author
agent/tags
agent/first-publish-date
agent/description
agent/event
agent/source
vendor/oracle
canonical/oracle vm virtualbox
version/oracle vm virtualbox/4.2.24
version/oracle vm virtualbox/4.2.0
version/oracle vm virtualbox/4.2.2
version/oracle vm virtualbox/4.2.4
version/oracle vm virtualbox/4.2.6
version/oracle vm virtualbox/4.2.8
version/oracle vm virtualbox/4.2.10
version/oracle vm virtualbox/4.2.12
version/oracle vm virtualbox/4.2.14
version/oracle vm virtualbox/4.2.16
version/oracle vm virtualbox/4.2.18
version/oracle vm virtualbox/4.2.20
version/oracle vm virtualbox/4.2.22
version/oracle vm virtualbox/4.3.12
version/oracle vm virtualbox/4.3.0
version/oracle vm virtualbox/4.3.2
version/oracle vm virtualbox/4.3.4
version/oracle vm virtualbox/4.3.6
version/oracle vm virtualbox/4.3.8
version/oracle vm virtualbox/4.3.10
version/oracle vm virtualbox/4.1.32
version/oracle vm virtualbox/4.1.0
version/oracle vm virtualbox/4.1.2
version/oracle vm virtualbox/4.1.4
version/oracle vm virtualbox/4.1.6
version/oracle vm virtualbox/4.1.8
version/oracle vm virtualbox/4.1.10
version/oracle vm virtualbox/4.1.12
version/oracle vm virtualbox/4.1.14
version/oracle vm virtualbox/4.1.16
version/oracle vm virtualbox/4.1.18
version/oracle vm virtualbox/4.1.20
version/oracle vm virtualbox/4.1.22
version/oracle vm virtualbox/4.1.24
version/oracle vm virtualbox/4.1.26
version/oracle vm virtualbox/4.1.28
version/oracle vm virtualbox/4.1.30