Geeks for your information News Software & Services News v
VMware Patches Critical Guest-to-Host Escape Issue in ESXi, Workstation, Fusion
VMware Patches Critical Guest-to-Host Escape Issue in ESXi, Workstation, Fusion
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
09 November 18, 18:40 (This post was last modified: 09 November 18, 18:57 by silversurfer.)
Quote:According to VMware's security announcement, the products affected are VMWare vSphere ESXi (ESXi), VMware Workstation Pro / Player (Workstation), and VMware Fusion Pro, Fusion (Fusion).

"VMware ESXi, Fusion and Workstation contain uninitialized stack memory usage in the vmxnet3 virtual network adapter. This issue may allow a guest to execute code on the host," says VMware's VMSA-2018-0027 advisory.

It's also important to mention that according to VMware "The issue is present if vmxnet3 is enabled. Non vmxnet3 virtual adapters are not affected by this issue."

The CVE-2018-6981 security issue was initially reported by GeekPwn2018's organizers and Chaitin Tech's security researcher Zhangyanyu.

Source: https://news.softpedia.com/news/vmware-p...3712.shtml
[-] The following 2 users say Thank You to silversurfer for this post:
  • harlan4096, mekelek
Find
Reply


Messages In This Thread
VMware Patches Critical Guest-to-Host Escape Issue in ESXi, Workstation, Fusion - by silversurfer - 09 November 18, 18:40

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Intel shares Granite Rapids-WS Xeon 600 ...
Intel posts Xeon 6...harlan4096 — 09:49
Manjaro Linux 26.0.3 Build 260228
Manjaro Linux 26.0...harlan4096 — 08:20
K-Lite Codec Pack 19.5.0 / 19.5.4 Update
Changes in 19.5.4 ...harlan4096 — 08:19
JEDEC publishes UFS 5.0 spec with up to ...
KIOXIA starts samp...harlan4096 — 08:17
QOwnNotes
26.2.15  Fix Qt5 ...Kool — 07:30

[-]
Birthdays
Today's Birthdays
avatar (51)Claudestync
Upcoming Birthdays
avatar (44)gapedDow
avatar (38)snorydar
avatar (43)Hectorvot
avatar (51)knowhanPluts
avatar (39)Williamengiz
avatar (46)qaqapeti
avatar (44)battsourIonix
avatar (43)CedricSek
avatar (39)chasRex
avatar (43)slavrProck
avatar (45)Tyesharaike
avatar (49)TomeRerla
avatar (45)walllMIZ
avatar (41)oconyho
avatar (33)uteluxix
avatar (47)piafcflene
avatar (39)Matthewkah
avatar (51)tersfargum
avatar (50)alfreExept
avatar (38)Charlesfibre
avatar (42)napasvem
avatar (44)diploJeoca
avatar (38)francisnj3
avatar (43)artmaGoork
avatar (45)tukraNax
avatar (41)RichardCisee
avatar (40)ebenofit
avatar (38)ykazawu
avatar (41)ARYsahulatbazar

[-]
Online Staff
There are no staff members currently online.

>