CISA description
An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.
CVE-2008-3431
Oracle · VirtualBox
Oracle VirtualBox Insufficient Input Validation Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.