Saturday, April 6, 2019

VMSA-2019-0005

VMware Security Advisory announced some security issues with critical severity and published appropriate hotfix updates for its relevant products that may has been compromised by this bug: VMware ESXi, Workstation & Fusion. Also vulnerabilities are about:
1. Virtual USB 1.1 Universal Host Controller Interface (UHCI) out-of-bounds read/write and Time-of-check Time-of-use (TOCTOU)
2. Intel E1000 / E1000E vAdapters out-of-bounds write (Fusion/workstation)
3. Unauthenticated APIs (Fusion only)

As VMware said: Exploitation of these issues may let an attacker to execute code on the host from a virtual machine.
CVE Numbers of these security problems are:

   CVE-2019-5514
   CVE-2019-5515
   CVE-2019-5518
   CVE-2019-5519
   CVE-2019-5524


For more information about this issue and other new recently issues, please refer to VMSA-2019-0005 on the VMware Security Advisory portal.

at
Labels: , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

I will start a new journey soon ...