CVE-2018-6981, CVE-2018-6982: uninitialized stack memory usage vulnerabilities on VMware ESXi, Workstation, and Fusion
VMware recently released security bulletins that fix two serious vulnerabilities (CVE-2018-6981 and CVE-2018-6982) in VMware ESXi, Workstation and Fusion. The weaknesses were provided by security researcher Zhangyanyu, which completed the virtual machine escape challenge at the GeekPwn2018 International Security Geek Competition. The existence of uninitialized stack memory causes both CVE-2018-6981 and CVE-2018-6982 in the vmxnet3 virtual network adapter by VMware ESXi, Fusion and Workstation. CVE-2018-6981 may allow clients to execute code on the host, and CVE-2018-6982 may cause information leakage from the host to the client. If vmxnet3 is enabled for the affected product, there is a risk that non-vmxnet3 virtual adapters are not affected by the above issues.
CVE-2018-6981
Product | Version | Operating platform | Severity | Replace/apply the patch |
ESXi | 6.7 | ESXi | Critical | ESXi670-201811401-BG |
ESXi | 6.5 | ESXi | Critical | ESXi650-201811301-BG |
ESXi | 6.0 | ESXi | Critical | ESXi600-201811401-BG |
Workstation | 15.x | all | Critical | 15.0.1 |
Workstation | 14.x | all | Critical | 14.1.4 |
Fusion | 11.x | OS X | Critical | 11.0.1 |
Fusion | 10.x | OS X | Critical | 10.1.4 |
CVE-2018-6982
Product | Version | Operating platform | Severity | Replace/ apply the patch |
ESXi | 6.7 | ESXi | Important | ESXi670-201811401-BG |
ESXi | 6.5 | ESXi | Important | ESXi650-201811301-BG |
ESXi | 6.0 | ESXi | N/A | Unaffected |
Workstation | all | all | N/A | Unaffected |
Fusion | all | OS X | N/A | Unaffected |
It is recommended to get an update as soon as possible.