Lucene search
VmwareCVELIST:CVE-2020-3968HistoryJun 25, 2020 - 2:43 p.m.
CVE-2020-3968
2020-06-2514:43:59
vmware
www.cve.org
5
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine’s vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker’s control must be present for exploitation to be possible.
CNA Affected
[
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202004101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.5"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.5"
}
]
}
]Related
prion
prion
Out-of-bounds
2020-06-25 15:15:00
nvd
nvd
CVE-2020-3968
2020-06-25 15:15:11
cve
cve
CVE-2020-3968
2020-06-25 15:15:11
zdi
zdi
kaspersky
kaspersky
KLA12098 Multiple vulnerabilities in VMware Workstation and Player
2020-06-23 00:00:00
nessus
nessus
