4 matches found
Security Bulletin: IBM PureApplication System is affected by vulnerabilities in VMWare component (CVE-2018-6981 CVE-2018-6982)
Summary There are vulnerabilities reported in the VMWare component that is used by IBM PureApplication System. IBM has released Version 2.2.5.3 for IBM PureApplication System, in response to CVE-2018-6981 and CVE-2018-6982. The following vulnerabilities have been addressed by IBM PureApplication...
CVE-2018-6982
CVE-2018-6982 affects VMware ESXi 6.5 and 6.7 (and related VMware products) due to uninitialized stack memory usage in the vmxnet3 virtual network adapter, which may leak information from host to guest when vmxnet3 is enabled. The Connected documents corroborate that ESXi 6.7 requires ESXi670-201...
VMSA-2018-0027 : VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage
a. vmxnet3 uninitialized stack memory usage VMware ESXi, Fusion and Workstation contain uninitialized stack memory usage in the vmxnet3 virtual network adapter. This issue may allow a guest to execute code on the host. The issue is present if vmxnet3 is enabled. Non vmxnet3 virtual adapters are n...
ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2018-0027) (Remote Check)
The remote VMware ESXi host is version 6.0, 6.5, or 6.7 and is missing a security patch. It is, therefore, vulnerable to multiple vulnerabilities. Leveraging the most severe of these vulnerabilities could allow an attacker to execute arbitrary code on the host from the security context of an...