-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
                       VMware Security Advisory

Advisory ID: VMSA-2018-0016
Severity:    Important
Synopsis:    VMware ESXi, Workstation, and Fusion updates address
             multiple out-of-bounds read vulnerabilities
Issue date:  2018-06-28
Updated on:  2018-06-28 (Initial Advisory)
CVE number:  CVE-2018-6965, CVE-2018-6966, CVE-2018-6967

1. Summary

   VMware ESXi, Workstation, and Fusion updates address multiple
   out-of-bounds read vulnerabilities

2. Relevant Releases

   VMware vSphere ESXi (ESXi)
   VMware Workstation Pro / Player (Workstation)
   VMware Fusion Pro, Fusion (Fusion)

3. Problem Description

   ESXi, Workstation, and Fusion multiple out-of-bounds read
   vulnerabilities

   VMware ESXi, Workstation and Fusion contain multiple out-of-bounds
   read vulnerabilities in the shader translator. Successful
   exploitation of these issues may lead to information disclosure or
   may allow attackers with normal user privileges to crash their VMs.

   VMware would like to thank RanchoIce of Tencent ZhanluLab
   (CVE-2018-6965, CVE-2018-6966, CVE-2018-6967) and a member of Cisco
   Talos (CVE-2018-6965) for independently reporting these issues to
   us.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the identifiers CVE-2018-6965, CVE-2018-6966, and
   CVE-2018-6967 to these issues.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware      Product Running           Replace with/        Mitigation/
   Product     Version on      Severity  Apply patch          Workaround
   =========== ======= ======= ========= ==================== ===========
   ESXi        6.7     Any     Important ESXi670-201806401-BG None
   ESXi        6.5     Any     N/A       not affected         N/A
   ESXi        6.0     Any     N/A       not affected         N/A
   ESXi        5.5     Any     N/A       not affected         N/A
   Workstation 14.x    Any     Important 14.1.2               None
   Fusion      10.x    OS X    Important 10.1.2               None

4. Solution

   Please review the patch/release notes for your product and version
   and verify the checksum of your downloaded file.

   ESXi 6.7
   -------------
   Downloads:
   https://my.vmware.com/group/vmware/patch
   Documentation:
   http://kb.vmware.com/kb/55920

   VMware Workstation Pro 14.1.2
   Downloads and Documentation:
   https://www.vmware.com/go/downloadworkstation
   https://docs.vmware.com/en/VMware-Workstation-Pro/index.html

   VMware Workstation Player 14.1.2
   Downloads and Documentation:
   https://www.vmware.com/go/downloadplayer
   https://docs.vmware.com/en/VMware-Workstation-Player/index.html

   VMware Fusion Pro / Fusion 10.1.2
   Downloads and Documentation:
   https://www.vmware.com/go/downloadfusion
   https://docs.vmware.com/en/VMware-Fusion/index.html

5. References

   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6965
   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6966
   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6967
   http://kb.vmware.com/kb/55920

- -----------------------------------------------------------------------

6. Change log

   2018-06-28 VMSA-2018-0016
   Initial security advisory in conjunction with the release of ESXi
   6.7 patches on 2018-06-28

- -----------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:

     security-announce@lists.vmware.com
     bugtraq@securityfocus.com
     fulldisclosure@seclists.org

   E-mail: security@vmware.com
   PGP key at: https://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   VMware Security Response Policy
   https://www.vmware.com/support/policies/security_response.html

   VMware Lifecycle Support Phases
   https://www.vmware.com/support/policies/lifecycle.html

   VMware Security & Compliance Blog
   https://blogs.vmware.com/security

   Twitter
   https://twitter.com/VMwareSRC

   Copyright 2018 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: Encryption Desktop 10.4.1 (Build 490)
Charset: utf-8

wj8DBQFbNbokDEcm8Vbi9kMRAuemAJ9KfqaNXH97qDRr983dlid0okjKfQCgqFwz
mMrpzDj+kjGjhokpusGbqt8=
=qnoI
-----END PGP SIGNATURE-----