CVE-2019-5541

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 15.x before 15.5.1 VMware Fusion versions 11.x before 11.5.1

Description The issue is related to an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition on their own VM. The vulnerability can be exploited by a remote attacker to execute arbitrary code or cause a denial of service.

Recommendations For VMware Workstation versions 15.x before 15.5.1, update to version 15.5.1 or later to resolve the issue. For VMware Fusion versions 11.x before 11.5.1, update to version 11.5.1 or later to resolve the issue. As a temporary workaround, consider disabling the e1000e virtual network adapter until a patch is available.