PT-2025-38167

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The dwc3 get properties function in the Linux kernel contains memory leaks during error handling. Specifically, the function calls power supply get by nameusb psy name and requires...

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) while the device is still transferring packets. This can ultimately lead to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service condition or potentially execute arbitrary code within the context of the QEMU process on the host. This flaw affects QEMU versions before 7.0.0.

...

ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2022-0004)

The remote VMware ESXi host is version 6.5, 6.7 or 7.0 and is affected by multiple vulnerabilities, including the following: - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtua...

CVE-2021-22041

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...

CVE-2021-22040

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...

CVE-2021-22041

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...

Double free

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...

CVE-2021-22041

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...

CVE-2021-22040

Vulnerability CVE-2021-22040 affects VMware ESXi, Workstation, and Fusion due to a use-after-free in the XHCI USB controller. The issue lets a malicious actor with local VM admin privileges execute code as the host VMX process running on the host. This is a host-level impact triggered from within...

CVE-2021-22040

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...

Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers

VMware has issued a critical security update to address issues in its ESXi, Fusion and Workstation products, including VMware Cloud Foundation versions. Exploitation could give attackers access to workloads inside organizations’ virtual environments. The bugs have a range of 5.3 to 8.4 out of 10 ...

VMware addresses security flaws discovered during Tianfu Cup Pwn Contest

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here VMware addressed vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation, few months after the discovery of these bugs by participants at Tianfu Cup Pwn Contest. VMware has rated some of these vulnerabilities as...

VMSA-2022-0004:VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities

Advisory ID: VMSA-2022-0004 CVSSv3 Range: 5.3-8.4 Issue Date:2022-02-15 Updated On: 2022-02-15 Initial Advisory CVEs: CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050 Synopsis: VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities...

EulerOS Virtualization for ARM 64 3.0.2.0 : qemu-kvm (EulerOS-SA-2021-2125)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in QEMU. A heap-based buffer overflow vulnerability was found in the SDHCI device emulation support...

PT-2021-8277 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the usb: dwc3: core: Do core softreset when switch mode in the Linux kernel. According to the programming guide, to switch mode for DRD controller, the driver...

ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2020-0026)

According to its self-reported version number, the remote VMware ESXi host is version 6.5, 6.7 or 7.0 and is affected by multiple vulnerabilities. - A use-after-free error exists in the XHCI USB controller. An unauthenticated, local attacker with local administrative privileges on a virtual machi...

VMware Workstation 15.x < 15.5.7 Use-after-free (VMSA-2020-0026)

The version of VMware Workstation installed on the remote Windows host is 15.x prior to 15.5.7. It is, therefore, affected by a use-after-free error in the XHCI USB Controller. An unauthenticated, local attacker with administrative privileges on a virtual machine may exploit this issue to execute...

VMware Fusion 11.x < 11.5.7 Use-after-free (VMSA-2020-0026)

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.x prior to 11.5.7. It is, therefore, affected by a use-after-free error in the XHCI USB Controller. An unauthenticated, local attacker with administrative privileges on a virtual machine may exploit this issue to...

VMSA-2020-0026 : VMware ESXi, Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities

a. Use-after-free vulnerability in XHCI USB controller CVE-2020-4004 VMware ESXi contains a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machines VMX proce...

CVE-2020-4004

VMware ESXi 7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG, Workstation 15.x before 15.5.7, Fusion 11.x before 11.5.7 contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a...