EIP-2026-102943

PRE-CVE

Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102943. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages a race condition in VirtualBox's shared folder implementation (vbsfPathCheckRootEscape) to escape the shared directory and access the host filesystem. It requires two cooperating VMs to manipulate directory paths during traversal, allowing arbitrary file reads on the host.

Description

Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textlocallinux

https://www.exploit-db.com/exploits/41597

View Code ZIP pw:eip

This exploit leverages a race condition in VirtualBox's shared folder implementation (vbsfPathCheckRootEscape) to escape the shared directory and access the host filesystem. It requires two cooperating VMs to manipulate directory paths during traversal, allowing arbitrary file reads on the host.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Racy

Target: Oracle VirtualBox 5.1.10 (Linux host)

No auth needed

Prerequisites: Two Linux VMs with shared writable folder · Guest extensions with patched vboxsf module · Host file (/real_root_marker) for proof of access

MITRE ATT&CK

T1006 - Direct Volume Access T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026