PT-2020-3060 · Vmware · Vmware Fusion+2
Piotr Bania
·
Published
2020-05-29
·
Updated
2021-07-21
·
CVE-2020-3958
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
VMware ESXi versions 6.7 before ESXi670-202004101-SG
VMware ESXi versions 6.5 before ESXi650-202005401-SG
VMware Workstation versions 15.x before 15.5.2
VMware Fusion versions 11.x before 11.5.2
Description
The issue is related to a denial-of-service condition in the shader functionality, potentially allowing attackers with non-administrative access to a virtual machine to crash the virtual machine's vmx process. This is due to insufficient input validation, which may enable an attacker to cause a denial of service.
Recommendations
For VMware ESXi version 6.7, update to ESXi670-202004101-SG or later.
For VMware ESXi version 6.5, update to ESXi650-202005401-SG or later.
For VMware Workstation version 15.x, update to 15.5.2 or later.
For VMware Fusion version 11.x, update to 11.5.2 or later.
Fix
DoS
Assertion Failure
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vmware Esxi
Vmware Fusion
Vmware Workstation