3. VMware ESXi, Workstation and Fusion pixel shader out-of-bounds read/write vulnerabilities (CVE-2019-5521, CVE-2019-5684)
VMware ESXi, Workstation and Fusion contain out-of-bounds read/write vulnerabilities in the pixel shader functionality. VMware has evaluated the severity of these issues to be in the Important severity range with a maximum CVSSv3 base score of 8.5.
CPE | Name | Operator | Version |
---|---|---|---|
esxi | lt | ESXi670-201904101-SG | |
esxi | lt | ESXi650-201903001 | |
workstation | lt | 15.0.3 | |
workstation | lt | 14.1.6 | |
fusion | lt | 11.0.3 | |
fusion | lt | 10.1.6 | |
esxi | lt | 13004031 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5521
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5684
docs.vmware.com/en/VMware-Fusion/index.html
docs.vmware.com/en/VMware-vSphere/6.5/rn/esxi650-201903001.html
docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-esxi-67u2-release-notes.html
docs.vmware.com/en/VMware-Workstation-Player/index.html
docs.vmware.com/en/VMware-Workstation-Pro/index.html
my.vmware.com/web/vmware/info/slug/datacenter_cloud_infrastructure/vmware_vsphere/6_5
my.vmware.com/web/vmware/info/slug/datacenter_cloud_infrastructure/vmware_vsphere/6_7
nvidia.custhelp.com/app/answers/detail/a_id/4841
www.vmware.com/go/downloadfusion
www.vmware.com/go/downloadplayer
www.vmware.com/go/downloadworkstation