CVE-2018-6981

🗓️ 04 Dec 2018 14:00:00Reported by vmwareType

VMware ESXi and Workstation/Fusion versions prior to specified patches have uninitialized stack memory usage in vmxnet3, allowing guest to execute code on host

Reporter	Title	Published	Views	Family All 15
IBM Security Bulletins	Security Bulletin: IBM PureApplication System is affected by vulnerabilities in VMWare component (CVE-2018-6981 CVE-2018-6982)	25 Jan 201912:20	–	ibm
Circl	CVE-2018-6981	10 Nov 201810:21	–	circl
CNVD	VMware ESXi, Workstation and Fusion Uninitialized Stack Memory Usage Vulnerability	12 Nov 201800:00	–	cnvd
Cvelist	CVE-2018-6981	4 Dec 201814:00	–	cvelist
EUVD	EUVD-2018-18725	3 Oct 202520:07	–	euvd
Gitee	Exploit for Out-of-bounds Write in F5 Nginx	6 Jul 202502:38	–	gitee
Kaspersky	KLA11346 Multiple vulnerabilities in VMware products	8 Nov 201800:00	–	kaspersky
Tenable Nessus	VMware Fusion 10.x < 10.1.4 / 11.x < 11.0.1 vmxnet3 Guest-to-Host Code Execution Vulnerability (VMSA-2018-0027) (macOS)	12 Nov 201800:00	–	nessus
Tenable Nessus	ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2018-0027) (Remote Check)	12 Nov 201800:00	–	nessus
Tenable Nessus	VMSA-2018-0027 : VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage	14 Nov 201800:00	–	nessus

NVD

Node

vmware workstationRange14.0.0–14.1.4

vmware workstationMatch15.0.0

Node

vmware fusionRange10.0.0–10.1.4

vmware fusionMatch11.0.0

AND

apple mac_os_xMatch-

Node

vmware esxiMatch6.0-

vmware esxiMatch6.01

vmware esxiMatch6.01a

vmware esxiMatch6.01b

vmware esxiMatch6.02

vmware esxiMatch6.03

vmware esxiMatch6.03a

vmware esxiMatch6.0600-201504401

vmware esxiMatch6.0600-201505401

vmware esxiMatch6.0600-201507101

vmware esxiMatch6.0600-201507102

vmware esxiMatch6.0600-201507401

vmware esxiMatch6.0600-201507402

vmware esxiMatch6.0600-201507403

vmware esxiMatch6.0600-201507404

vmware esxiMatch6.0600-201507405

vmware esxiMatch6.0600-201507406

vmware esxiMatch6.0600-201507407

vmware esxiMatch6.0600-201509101

vmware esxiMatch6.0600-201509102

vmware esxiMatch6.0600-201509201

vmware esxiMatch6.0600-201509202

vmware esxiMatch6.0600-201509203

vmware esxiMatch6.0600-201509204

vmware esxiMatch6.0600-201509205

vmware esxiMatch6.0600-201509206

vmware esxiMatch6.0600-201509207

vmware esxiMatch6.0600-201509208

vmware esxiMatch6.0600-201509209

vmware esxiMatch6.0600-201509210

vmware esxiMatch6.0600-201510401

vmware esxiMatch6.0600-201511401

vmware esxiMatch6.0600-201601101

vmware esxiMatch6.0600-201601102

vmware esxiMatch6.0600-201601401

vmware esxiMatch6.0600-201601402

vmware esxiMatch6.0600-201601403

vmware esxiMatch6.0600-201601404

vmware esxiMatch6.0600-201601405

vmware esxiMatch6.0600-201602401

vmware esxiMatch6.0600-201603101

vmware esxiMatch6.0600-201603102

vmware esxiMatch6.0600-201603201

vmware esxiMatch6.0600-201603202

vmware esxiMatch6.0600-201603203

vmware esxiMatch6.0600-201603204

vmware esxiMatch6.0600-201603205

vmware esxiMatch6.0600-201603206

vmware esxiMatch6.0600-201603207

vmware esxiMatch6.0600-201603208

vmware esxiMatch6.0600-201605401

vmware esxiMatch6.0600-201608101

vmware esxiMatch6.0600-201608401

vmware esxiMatch6.0600-201608402

vmware esxiMatch6.0600-201608403

vmware esxiMatch6.0600-201608404

vmware esxiMatch6.0600-201608405

vmware esxiMatch6.0600-201610410

vmware esxiMatch6.0600-201611401

vmware esxiMatch6.0600-201611402

vmware esxiMatch6.0600-201611403

vmware esxiMatch6.0600-201702101

vmware esxiMatch6.0600-201702102

vmware esxiMatch6.0600-201702201

vmware esxiMatch6.0600-201702202

vmware esxiMatch6.0600-201702203

vmware esxiMatch6.0600-201702204

vmware esxiMatch6.0600-201702205

vmware esxiMatch6.0600-201702206

vmware esxiMatch6.0600-201702207

vmware esxiMatch6.0600-201702208

vmware esxiMatch6.0600-201702209

vmware esxiMatch6.0600-201702210

vmware esxiMatch6.0600-201702211

vmware esxiMatch6.0600-201702212

vmware esxiMatch6.0600-201703401

vmware esxiMatch6.0600-201706101

vmware esxiMatch6.0600-201706102

vmware esxiMatch6.0600-201706103

vmware esxiMatch6.0600-201706401

vmware esxiMatch6.0600-201706402

vmware esxiMatch6.0600-201706403

vmware esxiMatch6.0600-201710301

vmware esxiMatch6.0600-201811001

vmware esxiMatch6.5-

vmware esxiMatch6.5650-201701001

vmware esxiMatch6.5650-201703001

vmware esxiMatch6.5650-201703002

vmware esxiMatch6.5650-201704001

vmware esxiMatch6.5650-201707101

vmware esxiMatch6.5650-201707102

vmware esxiMatch6.5650-201707103

vmware esxiMatch6.5650-201707201

vmware esxiMatch6.5650-201707202

vmware esxiMatch6.5650-201707203

vmware esxiMatch6.5650-201707204

vmware esxiMatch6.5650-201707205

vmware esxiMatch6.5650-201707206

vmware esxiMatch6.5650-201707207

vmware esxiMatch6.5650-201707208

vmware esxiMatch6.5650-201707209

vmware esxiMatch6.5650-201707210

vmware esxiMatch6.5650-201707211

vmware esxiMatch6.5650-201707212

vmware esxiMatch6.5650-201707213

vmware esxiMatch6.5650-201707214

vmware esxiMatch6.5650-201707215

vmware esxiMatch6.5650-201707216

vmware esxiMatch6.5650-201707217

vmware esxiMatch6.5650-201707218

vmware esxiMatch6.5650-201707219

vmware esxiMatch6.5650-201707220

vmware esxiMatch6.5650-201707221

vmware esxiMatch6.5650-201710001

vmware esxiMatch6.5650-201712001

vmware esxiMatch6.5650-201803001

vmware esxiMatch6.5650-201806001

vmware esxiMatch6.5650-201808001

vmware esxiMatch6.5650-201810001

vmware esxiMatch6.5650-201810002

vmware esxiMatch6.5650-201811001

vmware esxiMatch6.5650-201811002

vmware esxiMatch6.7-

vmware esxiMatch6.7670-201806001

vmware esxiMatch6.7670-201807001

vmware esxiMatch6.7670-201808001

vmware esxiMatch6.7670-201810001

vmware esxiMatch6.7670-201810101

vmware esxiMatch6.7670-201810102

vmware esxiMatch6.7670-201810103

vmware esxiMatch6.7670-201810201

vmware esxiMatch6.7670-201810202

vmware esxiMatch6.7670-201810203

vmware esxiMatch6.7670-201810204

vmware esxiMatch6.7670-201810205

vmware esxiMatch6.7670-201810206

vmware esxiMatch6.7670-201810207

vmware esxiMatch6.7670-201810208

vmware esxiMatch6.7670-201810209

vmware esxiMatch6.7670-201810210

vmware esxiMatch6.7670-201810211

vmware esxiMatch6.7670-201810212

vmware esxiMatch6.7670-201810213

vmware esxiMatch6.7670-201810214

vmware esxiMatch6.7670-201810215

vmware esxiMatch6.7670-201810216

vmware esxiMatch6.7670-201810217

vmware esxiMatch6.7670-201810218

vmware esxiMatch6.7670-201810219

vmware esxiMatch6.7670-201810220

vmware esxiMatch6.7670-201810221

vmware esxiMatch6.7670-201810222

vmware esxiMatch6.7670-201810223

vmware esxiMatch6.7670-201810224

vmware esxiMatch6.7670-201810225

vmware esxiMatch6.7670-201810226

vmware esxiMatch6.7670-201810227

vmware esxiMatch6.7670-201810228

vmware esxiMatch6.7670-201810229

vmware esxiMatch6.7670-201810230

vmware esxiMatch6.7670-201810231

vmware esxiMatch6.7670-201810232

vmware esxiMatch6.7670-201810233

vmware esxiMatch6.7670-201810234

vmware esxiMatch6.7670-201811001

[
  {
    "product": "VMware ESXi, VMware Workstation, and VMware Fusion",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "VMware ESXi 6.7 without ESXi670-201811401-BG, VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1042055
vmware	www.vmware.com/security/advisories/VMSA-2018-0027.html
securitytracker	www.securitytracker.com/id/1042054
securityfocus	www.securityfocus.com/bid/105881

21 Nov 2024 04:11Current

8.7High risk

Vulners AI Score8.7

CVSS 27.2

CVSS 3.18.8

EPSS0.06846

CWE-908