1. Virtual USB 1.1 Universal Host Controller Interface (UHCI) out-of-bounds read/write and Time-of-check Time-of-use (TOCTOU)
2. Intel E1000 / E1000E vAdapters out-of-bounds write (Fusion/workstation)
3. Unauthenticated APIs (Fusion only)
As VMware said: Exploitation of these issues may let an attacker to execute code on the host from a virtual machine.
CVE Numbers of these security problems are:
CVE-2019-5514
CVE-2019-5515
CVE-2019-5518
CVE-2019-5519
CVE-2019-5524
For more information about this issue and other new recently issues, please refer to VMSA-2019-0005 on the VMware Security Advisory portal.
No comments:
Post a Comment