3a. Use-after-free vulnerability in SVGA device (CVE-2020-3962)
VMware ESXi, Workstation and Fusion contain a Use-after-free vulnerability in the SVGA device. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.3.
3b. Off-by-one heap-overflow vulnerability in SVGA device (CVE-2020-3969)
VMware ESXi, Workstation and Fusion contain an off-by-one heap-overflow vulnerability in the SVGA device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
3c. Out-of-bound read issue in Shader Functionality (CVE-2020-3970)
VMware ESXi, Workstation and Fusion contain an out-of-bounds read vulnerability in the Shader functionality. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.0.
3d. Heap-overflow issue in EHCI controller (CVE-2020-3967)
VMware ESXi, Workstation and Fusion contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
3e. Out-of-bounds write vulnerability in xHCI controller (CVE-2020-3968)
VMware ESXi, Workstation and Fusion contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
3f. Heap-overflow due to race condition in EHCI controller (CVE-2020-3966)
VMware ESXi, Workstation and Fusion contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
3g. Information leak in the XHCI USB controller (CVE-2020-3965)
VMware ESXi, Workstation and Fusion contain an information leak in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1.
3h. Information Leak in the EHCI USB controller (CVE-2020-3964)
VMware ESXi, Workstation and Fusion contain an information leak in the EHCI USB controller. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 5.9.
3i. Use-after-free vulnerability in PVNVRAM (CVE-2020-3963)
VMware ESXi, Workstation and Fusion contain a Use-after-free vulnerability in PVNVRAM. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.9.
3j. Heap overflow vulnerability in vmxnet3 (CVE-2020-3971)
VMware ESXi, Fusion and Workstation contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.9.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3962
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3963
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3965
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3966
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3967
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3968
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3969
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3970
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3971
docs.vmware.com/en/VMware-Cloud-Foundation/3.10/rn/VMware-Cloud-Foundation-310-Release-Notes.html
docs.vmware.com/en/VMware-Cloud-Foundation/3.10/rn/VMware-Cloud-Foundation-310-Release-Notes.html#3.10.0.1-Release
docs.vmware.com/en/VMware-Cloud-Foundation/3.7.2/rn/VMware-Cloud-Foundation-372-Release-Notes.html
docs.vmware.com/en/VMware-Cloud-Foundation/4.0.1/rn/VMware-Cloud-Foundation-401-Release-Notes.html
docs.vmware.com/en/VMware-Fusion/index.html
docs.vmware.com/en/VMware-vSphere/6.5/rn/esxi650-202005001.html
docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-esxi-65u3-release-notes.html
docs.vmware.com/en/VMware-vSphere/6.7/rn/esxi670-202004002.html
docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-esxi-67u2-release-notes.html
docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-vcenter-server-70-release-notes.html
docs.vmware.com/en/VMware-Workstation-Player/index.html
docs.vmware.com/en/VMware-Workstation-Pro/index.html
my.vmware.com/group/vmware/patch
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
www.vmware.com/go/downloadfusion
www.vmware.com/go/downloadplayer
www.vmware.com/go/downloadworkstation