Positive Technologies Research Team has discovered denial of service vulnerabilities in VMware products. The IOCTL handler in hcmon.sys does not properly validate buffer data associated with the Irp object, which allows local users with administrative privileges to crash the system.
8dfa92c260d4fac7e9d8c687edbedf3df93ac8a4ae132c58baa7bd66e23e9527
VMware Security Advisory - Updated VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues.
69d3c63671df094fb6e8d8612166baec58e5df05c421660a5e43b54c2f056969