VMware Patches Critical Guest-to-Host Escape Issue in ESXi, Workstation, Fusion
#1
Quote:According to VMware's security announcement, the products affected are VMWare vSphere ESXi (ESXi), VMware Workstation Pro / Player (Workstation), and VMware Fusion Pro, Fusion (Fusion).

"VMware ESXi, Fusion and Workstation contain uninitialized stack memory usage in the vmxnet3 virtual network adapter. This issue may allow a guest to execute code on the host," says VMware's VMSA-2018-0027 advisory.

It's also important to mention that according to VMware "The issue is present if vmxnet3 is enabled. Non vmxnet3 virtual adapters are not affected by this issue."

The CVE-2018-6981 security issue was initially reported by GeekPwn2018's organizers and Chaitin Tech's security researcher Zhangyanyu.

Source: https://news.softpedia.com/news/vmware-p...3712.shtml
[-] The following 2 users say Thank You to silversurfer for this post:
  • harlan4096, mekelek
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Vivaldi 7.5 Build 3735.41
Vivaldi 7.5 Build ...harlan4096 — 10:43
Dozens of fake wallet add-ons flood Fire...
More than 40 fake ...harlan4096 — 10:41
AMD Radeon Adrenalin Edition 20.11.2
AMD RX 9070 XT now f...harlan4096 — 10:39
AMD FSR4-like algorithm coming to PlaySt...
Sony has confirmed...harlan4096 — 10:38
Vivaldi 7.5 launches with tab, ad blocke...
Vivaldi Technologi...harlan4096 — 10:37

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (46)dapedDow
avatar (48)TromPerl
avatar (45)RidgeDimb
avatar (36)ipumaqar
avatar (50)tanliorsPeri
avatar (42)lapedDow
avatar (48)rituabew
avatar (36)omyjul
avatar (40)papedDow
avatar (49)ArnoldFum
avatar (37)yfaza
avatar (48)Kevensi
avatar (47)ConradRoand
avatar (38)boineDon
avatar (50)spoofTum
avatar (49)WillieVot
avatar (39)Grompelbawn
avatar (40)vkseogaF
avatar (36)usogy
avatar (39)ywixazok
avatar (37)ixoqe
avatar (55)Step 1
avatar (35)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>