6 matches found
Security Bulletin: IBM PureApplication System is affected by vulnerabilities in VMWare component (CVE-2018-6981 CVE-2018-6982)
Summary There are vulnerabilities reported in the VMWare component that is used by IBM PureApplication System. IBM has released Version 2.2.5.3 for IBM PureApplication System, in response to CVE-2018-6981 and CVE-2018-6982. The following vulnerabilities have been addressed by IBM PureApplication...
CVE-2018-6981
CVE-2018-6981 describes an uninitialized stack memory issue in the vmxnet3 virtual network adapter that could allow a guest to execute code on the host. Affected VMware products include ESXi 6.7 (without ESXi670-201811401-BG), ESXi 6.5 (without ESXi650-201811301-BG), ESXi 6.0 (without ESXi600-201...
VMSA-2018-0027 : VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage
a. vmxnet3 uninitialized stack memory usage VMware ESXi, Fusion and Workstation contain uninitialized stack memory usage in the vmxnet3 virtual network adapter. This issue may allow a guest to execute code on the host. The issue is present if vmxnet3 is enabled. Non vmxnet3 virtual adapters are n...
VMware Fusion 10.x < 10.1.4 / 11.x < 11.0.1 vmxnet3 Guest-to-Host Code Execution Vulnerability (VMSA-2018-0027) (macOS)
The version of VMware Fusion installed on the remote macOS or Mac OS X host is 10.x prior to 10.1.4 or 11.x prior to 11.0.1. It is, therefore, affected by an uninitialized stack memory usage vulnerability in the vmxnet3 network adapter. An attacker with access to a guest system may be able to...
ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2018-0027) (Remote Check)
The remote VMware ESXi host is version 6.0, 6.5, or 6.7 and is missing a security patch. It is, therefore, vulnerable to multiple vulnerabilities. Leveraging the most severe of these vulnerabilities could allow an attacker to execute arbitrary code on the host from the security context of an...
CVE-2018-6981
creationtimestamp| type| source ---|---|--- 2018-11-10 10:21:52+00:00| seen| https://t.me/informationsecuritychannel/22029...