VMware has released security updates to two uninitialized stack memory usage vulnerabilities (CVE-2018-6981, CVE-2018-6982) in their virtualization applications. One of the vulnerabilities (CVE-2018-6981) may allow a guest to execute arbitrary code on the host.
Affected versions:
- VMware ESXi 6.7 without ESXi670-201811401-BG patch
- VMware ESXi 6.5 without ESXi650-201811301-BG patch
- VMware ESXi 6.0 without ESXi600-201811401-BG patch
- VMware Workstation Pro / Player 15.x versions earlier than 15.0.1
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.4
- VMware Fusion Pro / Fusion 10.x versions earlier than 10.1.4
Further information including updating instructions can be read from VMware's security advisory.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment