PT-2018-17859 · Vmware · Vmware Esxi 6.5+3

Published

2018-12-04

Updated

2022-02-03

CVE-2018-6982

CVSS v3.1

6.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions VMware ESXi 6.7 without ESXi670-201811401-BG VMware ESXi 6.5 without ESXi650-201811301-BG

Description The issue concerns the use of uninitialized stack memory in the vmxnet3 virtual network adapter, potentially leading to an information leak from the host to the guest.

Recommendations For VMware ESXi 6.7 without ESXi670-201811401-BG, apply the patch ESXi670-201811401-BG to resolve the issue. For VMware ESXi 6.5 without ESXi650-201811301-BG, apply the patch ESXi650-201811301-BG to resolve the issue.

Fix

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

CVE-2018-6982

Affected Products

Vmware Esxi 6.5

Vmware Esxi 6.7

Vmware Workstation

Vmxnet3

PT-2018-17859 · Vmware · Vmware Esxi 6.5+3

CVE-2018-6982

Weakness Enumeration

Related Identifiers

Affected Products

References · 5