VMware ESXi Use-After-Free / Out-Of-Bounds Access Vulnerability

Several security issues have been identified in the VMware ESIx virtual machine monitor VMM. A use-after-free UAF vulnerability in PVNVRAM, a missing return value check in EHCI USB controller leading to private heap information disclosure, and several out-of-bounds reads. Overview ======= We...

CVE-2020-3963

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be abl...

CVE-2020-3963

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be abl...

CVE-2020-3963

CVE-2020-3963 affects VMware ESXi (7.0 pre-7.0.0-1.20.16321839; 6.7 pre-670-202006401-SG; 6.5 pre-650-202005401-SG), Workstation 15.x pre-15.5.2, and Fusion 11.x pre-11.5.2 with a use-after-free in PVNVRAM that could allow a local attacker with VM access to read privileged memory. VMware’s VMSA-2...

PT-2020-3016 · Vmware · Vmware Esxi +2

Name of the Vulnerable Software and Affected Versions: VMware ESXi versions 7.0 before ESXi 7.0.0-1.20.16321839 VMware ESXi versions 6.7 before ESXi670-202006401-SG VMware ESXi versions 6.5 before ESXi650-202005401-SG VMware Workstation versions 15.x before 15.5.2 VMware Fusion versions 11.x befo...