CVE-2020-3959

Name of the Vulnerable Software and Affected Versions VMware ESXi versions 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG VMware Workstation versions 15.x before 15.1.0 VMware Fusion versions 11.x before 11.1.0

Description The issue is related to a memory leak vulnerability in the VMCI module, which can be exploited by a malicious actor with local non-administrative access to a virtual machine. This can lead to a crash of the virtual machine's vmx process, resulting in a partial denial of service. The vulnerability is also described as a buffer overflow in memory, which can cause a denial of service.

Recommendations For VMware ESXi versions 6.7 before ESXi670-202004101-SG, update to ESXi670-202004101-SG or later. For VMware ESXi versions 6.5 before ESXi650-202005401-SG, update to ESXi650-202005401-SG or later. For VMware Workstation versions 15.x before 15.1.0, update to 15.1.0 or later. For VMware Fusion versions 11.x before 11.1.0, update to 11.1.0 or later.