VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader.
#Add audio device vmware vsphere 6.5 windows 10 code#
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may allow a guest to execute code on the host. VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest. This issue may allow a guest to execute code on the host. Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present.
VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5. Published: Decem11:15:11 AM -0500ĮSXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue.
0 kommentar(er)
