CVE-2018-6981, CVE-2018-6982: uninitialized stack memory usage vulnerabilities on VMware ESXi, Workstation, and Fusion

by · Published · Updated

VMware recently released security bulletins that fix two serious vulnerabilities (CVE-2018-6981 and CVE-2018-6982) in VMware ESXi, Workstation and Fusion. The weaknesses were provided by security researcher Zhangyanyu, which completed the virtual machine escape challenge at the GeekPwn2018 International Security Geek Competition. The existence of uninitialized stack memory causes both CVE-2018-6981 and CVE-2018-6982 in the vmxnet3 virtual network adapter by VMware ESXi, Fusion and Workstation. CVE-2018-6981 may allow clients to execute code on the host, and CVE-2018-6982 may cause information leakage from the host to the client. If vmxnet3 is enabled for the affected product, there is a risk that non-vmxnet3 virtual adapters are not affected by the above issues.

CVE-2018-6981

Product Version Operating platform Severity Replace/apply the patch
ESXi 6.7 ESXi Critical ESXi670-201811401-BG
ESXi 6.5 ESXi Critical ESXi650-201811301-BG
ESXi 6.0 ESXi Critical ESXi600-201811401-BG
Workstation 15.x all Critical 15.0.1
Workstation 14.x all Critical 14.1.4
Fusion 11.x OS X Critical 11.0.1
Fusion 10.x OS X Critical 10.1.4

CVE-2018-6982

Product Version Operating platform Severity Replace/ apply the patch
ESXi 6.7 ESXi Important ESXi670-201811401-BG
ESXi 6.5 ESXi Important ESXi650-201811301-BG
ESXi 6.0 ESXi N/A Unaffected
Workstation all all N/A Unaffected
Fusion all OS X N/A Unaffected

It is recommended to get an update as soon as possible.

Tags: