-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2440
   VMSA-2018-0022 VMware Workstation and Fusion updates address an
                       out-of-bounds write issue
                               21 August 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           VMware Workstation Pro / Player (Workstation)
                   VMware Fusion Pro, Fusion (Fusion)
Publisher:         VMware
Operating System:  Virtualisation
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-6973

Original Bulletin:
   https://www.vmware.com/au/security/advisories/VMSA-2018-0022.html

- --------------------------BEGIN INCLUDED TEXT--------------------

VMware Security Advisory

Advisory ID: VMSA-2018-0022
Severity:    Critical
Synopsis:    VMware Workstation and Fusion updates address an out-of-bounds
             write issue
Issue date:  2018-08-14
Updated on:  2018-08-14 (Initial Advisory)
CVE number:  CVE-2018-6973

1. Summary

   VMware Workstation and Fusion updates address an out-of-bounds write
   issue.

2. Relevant Releases

   VMware Workstation Pro / Player (Workstation)
   VMware Fusion Pro, Fusion (Fusion)

3. Problem Description

   Workstation and Fusion e1000 device out-of-bounds write vulnerability

   VMware Workstation and Fusion contain an out-of-bounds write
   vulnerability in the e1000 device. This issue may allow a guest to
   execute code on the host.

   VMware would like to thank Anonymous working with Trend Micro's Zero
   Day Initiative for reporting this issue to us.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the identifier CVE-2018-6973 to this issue.

   Column 5 of the following table lists the action required to remediate
   the vulnerability in each release, if a solution is available.

   VMware       Product  Running  Severity  Replace with/  Mitigation/
   Product      Version  on                 Apply patch    Workaround
   ===========  =======  =======  ========  =============  ==========
   ESXi         Any      Any      N/A       not affected   N/A
   Workstation  14.x     Any      Critical  14.1.3         None
   Fusion       10.x     OS X     Critical  10.1.3         None

4. Solution

   Please review the patch/release notes for your product and version and
   verify the checksum of your downloaded file.

   VMware Workstation Pro 14.1.3
   Downloads and Documentation:
   https://www.vmware.com/go/downloadworkstation
   https://docs.vmware.com/en/VMware-Workstation-Pro/index.html

   VMware Workstation Player 14.1.3
   Downloads and Documentation:
   https://www.vmware.com/go/downloadplayer
   https://docs.vmware.com/en/VMware-Workstation-Player/index.html

   VMware Fusion Pro / Fusion 10.1.3
   Downloads and Documentation:
   https://www.vmware.com/go/downloadfusion
   https://docs.vmware.com/en/VMware-Fusion/index.html

5. References

   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6973

- - -----------------------------------------------------------------------

6. Change log

   VMSA-2018-0022
   2018-08-14 Initial security advisory in conjunction with the release of
   Workstation 14.1.3 and Fusion 10.1.3 on 2018-08-14

- - -----------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:

   security-announce@lists.vmware.com
   bugtraq@securityfocus.com
   fulldisclosure@seclists.org

   E-mail: security@vmware.com
   PGP key at: https://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   VMware Security Response Policy
   https://www.vmware.com/support/policies/security_response.html

   VMware Lifecycle Support Phases
   https://www.vmware.com/support/policies/lifecycle.html

   VMware Security & Compliance Blog
   https://blogs.vmware.com/security

   Twitter
   https://twitter.com/VMwareSRC

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no
control over its content. The decision to follow or act on information
or advice contained in this security bulletin is the responsibility of
each user or organisation, and should be considered in accordance with
your organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made.
If downloading at a later date, it is recommended that the bulletin is
retrieved directly from the author's website to ensure that the
information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

-----END PGP SIGNATURE-----
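The remediation table in section 3 and the checksum step in section 4, worked as an added example that is not part of the AusCERT or VMware text: a Python helper that ranks an installed Workstation or Fusion version against the fixed builds 14.1.3 and 10.1.3 from column 5, and hashes a downloaded installer for comparison with the checksum published on the download page. The version strings and digests used are constructed for the example.

```python
"""Added example, not part of the AusCERT/VMware advisory text: applies the
VMSA-2018-0022 remediation table (column 5) to an installed Workstation or
Fusion version and checks an installer's SHA-256 before it is run, the two
steps section 4 asks for. Version strings and digests are constructed."""
import hashlib
import re

# Branch -> fixed build from the advisory table; ESXi is not affected, so absent.
FIXED_VERSIONS = {"Workstation": {14: (14, 1, 3)}, "Fusion": {10: (10, 1, 3)}}

def parse_version(text):
    """Numeric version from e.g. 'VMware Workstation 14.1.2 build-1234567'
    (the form `vmware -v` prints; build number constructed) or a bare '14.1.10'."""
    m = re.search(r"(\d+(?:\.\d+)+)", text)
    if not m:
        raise ValueError("no version number in %r" % text)
    return tuple(int(p) for p in m.group(1).split("."))

def remediation(product, version_text):
    """Return (affected, action). Tuples compare numerically, so 14.1.10
    ranks above 14.1.3; a plain string comparison would get this wrong."""
    ver = parse_version(version_text)
    branches = FIXED_VERSIONS.get(product)
    if branches is None:
        return False, "not affected"
    fixed = branches.get(ver[0])
    if fixed is None:
        return None, "branch not listed in VMSA-2018-0022; check vendor"
    fixed_str = ".".join(map(str, fixed))
    if ver >= fixed:
        return False, "already at or above " + fixed_str
    return True, "upgrade to " + fixed_str

def sha256_hex(source):
    """SHA-256 of a downloaded installer: `source` is a path (hashed in
    1 MiB chunks so large installers do not load into memory) or raw bytes."""
    h = hashlib.sha256()
    if isinstance(source, (bytes, bytearray)):
        h.update(source)
    else:
        with open(source, "rb") as f:
            for chunk in iter(lambda: f.read(1 << 20), b""):
                h.update(chunk)
    return h.hexdigest()

def checksum_ok(source, expected_hex):
    """Compare with the published digest; published checksums are public,
    so whitespace/case normalisation is the only care needed here."""
    return sha256_hex(source) == expected_hex.strip().lower()
```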