[Security-announce] New VMSA-2018-0013 - VMware Workstation and Fusion updates address signature bypass and multiple denial-of-service vulnerabilities

VMware Security Announcements security-announce at lists.vmware.com
Mon May 21 15:58:21 PDT 2018


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2018-0013
Severity:    Important
Synopsis:    VMware Workstation and Fusion updates address signature
             bypass and multiple denial-of-service vulnerabilities
Issue date:  2018-05-21
Updated on:  2018-05-21 (Initial Advisory)
CVE number:  CVE-2018-6962 and CVE-2018-6963

1. Summary

   VMware Workstation and Fusion updates address signature bypass and
   multiple denial-of-service vulnerabilities

2. Relevant Releases

   VMware Workstation Pro / Player (Workstation)
   VMware Fusion Pro, Fusion (Fusion)

3. Problem Description

   a. Fusion signature bypass vulnerability

   VMware Fusion contains a signature bypass vulnerability which may
   lead to a local privilege escalation.

   VMware would like to thank CodeColorist of AntFinancial LightYear
   Security Labs for reporting this issue to us.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the identifier CVE-2018-6962 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware      Product Running           Replace with/      Mitigation/
   Product     Version on      Severity  Apply patch        Workaround
   =========== ======= ======= ========= =============      ==========
   Fusion      10.x    OS X    Important 10.1.2             None

   b. Workstation and Fusion multiple Denial-of-service vulnerabilities

   VMware Workstation and Fusion contain multiple denial-of-service
   vulnerabilities that occur due to NULL pointer dereference issues in
   the RPC handler. Successful exploitation of these issues may allow
   an attacker with limited privileges on the guest machine to trigger a
   denial-of-service of their guest machine.

   VMware would like to thank Hahna Latonick and Kevin Fujimoto working
   with Trend Micro's Zero Day Initiative, and Bruno Botelho (@utxsec)
   for individually reporting these issues to us.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the identifier CVE-2018-6963 to these issues.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware      Product Running           Replace with/      Mitigation/
   Product     Version on      Severity  Apply patch        Workaround
   =========== ======= ======= ========= =============      ==========
   Workstation 14.x    Any     Moderate  14.1.2             None
   Fusion      10.x    OS X    Moderate  10.1.2             None
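   The two remediation tables above (sections 3a and 3b) can be turned
   into a simple inventory check. The following script is an added
   illustration, not VMware tooling: it transcribes the table rows, parses
   version strings numerically (so 14.1.10 is correctly treated as newer
   than 14.1.2, which a plain string comparison gets wrong) and reports
   which CVEs from this advisory still apply to a given installed version.
   The handling of a trailing build suffix is an assumption about how a
   version string might be pasted in, not a documented VMware format.

```python
"""Affected-version check derived from the VMSA-2018-0013 tables.

Added illustration, not VMware tooling. Rows are transcribed from
sections 3a and 3b of the advisory.
"""
from typing import List, NamedTuple, Tuple


class Row(NamedTuple):
    cve: str
    product: str
    affected_major: int   # the "14.x" / "10.x" column
    severity: str
    fixed_in: str         # the "Replace with/Apply patch" column


VMSA_2018_0013 = [
    Row("CVE-2018-6962", "Fusion", 10, "Important", "10.1.2"),
    Row("CVE-2018-6963", "Workstation", 14, "Moderate", "14.1.2"),
    Row("CVE-2018-6963", "Fusion", 10, "Moderate", "10.1.2"),
]


def parse_version(s: str) -> Tuple[int, ...]:
    """'14.1.2' -> (14, 1, 2).

    Anything after the first whitespace or '-' (assumed to be a build
    suffix, e.g. '14.1.2 build-NNN') is ignored.
    """
    core = s.strip().split()[0].split("-")[0]
    return tuple(int(p) for p in core.split("."))


def is_fixed(installed: str, fixed_in: str) -> bool:
    """True when installed >= fixed_in, compared component-wise.

    Shorter tuples are zero-padded so that 14.1 == 14.1.0.
    """
    a, b = parse_version(installed), parse_version(fixed_in)
    n = max(len(a), len(b))
    a += (0,) * (n - len(a))
    b += (0,) * (n - len(b))
    return a >= b


def check(product: str, installed: str) -> List[Tuple[str, str, str]]:
    """Return (cve, severity, fixed_in) for each row still open for this install.

    An empty list means this advisory requires no action: either the
    fixed release (or later) is installed, or the installed major version
    is not one the advisory lists at all.
    """
    hits = []
    major = parse_version(installed)[0]
    for row in VMSA_2018_0013:
        if row.product != product or row.affected_major != major:
            continue  # e.g. Workstation 12.x is not in this advisory
        if not is_fixed(installed, row.fixed_in):
            hits.append((row.cve, row.severity, row.fixed_in))
    return hits


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    inventory = [("Workstation", "14.1.1"), ("Workstation", "14.1.2"),
                 ("Fusion", "10.0.1"), ("Fusion", "10.1.10")]
    for product, version in inventory:
        open_rows = check(product, version)
        print(product, version, open_rows or "no action from VMSA-2018-0013")
```

   Because the advisory only lists 14.x and 10.x, the check deliberately
   says nothing about other major versions; those must be evaluated
   against their own advisories rather than assumed clean.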


4. Solution

   Please review the patch/release notes for your product and
   version and verify the checksum of your downloaded file.

   VMware Workstation Pro 14.1.2
   Downloads and Documentation:
   https://www.vmware.com/go/downloadworkstation
   https://docs.vmware.com/en/VMware-Workstation-Pro/index.html

   VMware Workstation Player 14.1.2
   Downloads and Documentation:
   https://www.vmware.com/go/downloadplayer
   https://docs.vmware.com/en/VMware-Workstation-Player/index.html

   VMware Fusion Pro / Fusion 10.1.2
   Downloads and Documentation:
   https://www.vmware.com/go/downloadfusion
   https://docs.vmware.com/en/VMware-Fusion/index.html


5. References

   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6962
   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6963

- -----------------------------------------------------------------------

6. Change log

   2018-05-21 VMSA-2018-0013
   Initial security advisory in conjunction with the release of VMware
   Workstation 14.1.2 and Fusion 10.1.2 on 2018-05-21.

- -----------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:

     security-announce at lists.vmware.com
     bugtraq at securityfocus.com
     fulldisclosure at seclists.org

   E-mail: security at vmware.com
   PGP key at: https://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   VMware Security Response Policy
   https://www.vmware.com/support/policies/security_response.html

   VMware Lifecycle Support Phases
   https://www.vmware.com/support/policies/lifecycle.html

   VMware Security & Compliance Blog
   https://blogs.vmware.com/security

   Twitter
   https://twitter.com/VMwareSRC

   Copyright 2018 VMware Inc.  All rights reserved.


-----BEGIN PGP SIGNATURE-----
Version: Encryption Desktop 10.4.1 (Build 490)
Charset: utf-8

wj8DBQFbAt79DEcm8Vbi9kMRAh8ZAKDiOzX/EWU3TubYD2TZE8Ybq01gygCfYOMO
qL3cJ3d8dEPchbYxcTOmwlU=
=eco8
-----END PGP SIGNATURE-----
