-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.3959
  VMSA-2019-0019 - VMware ESXi, Workstation and Fusion updates address a
                     denial-of-service vulnerability
                              25 October 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           VMware ESXi
                   VMWare Workstation
                   VMWare Fusion
Publisher:         VMWare
Operating System:  Virtualisation
                   VMware ESX Server
Impact/Access:     Access Privileged Data -- Existing Account
                   Denial of Service      -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-5536 CVE-2019-5522

Reference:         ESB-2019.2043

Original Bulletin:
   https://www.vmware.com/security/advisories/VMSA-2019-0019.html

- --------------------------BEGIN INCLUDED TEXT--------------------

VMware Security Advisories

+-----------+-----------------------------------------------------------------+
|Advisory ID|VMSA-2019-0019                                                   |
+-----------+-----------------------------------------------------------------+
|Advisory   |Moderate                                                         |
|Severity   |                                                                 |
+-----------+-----------------------------------------------------------------+
|CVSSv3     |6.3                                                              |
|Range      |                                                                 |
+-----------+-----------------------------------------------------------------+
|Synopsis   |VMware ESXi, Workstation and Fusion updates address a            |
|           |denial-of-service vulnerability (CVE-2019-5536)                  |
+-----------+-----------------------------------------------------------------+
|Issue Date |2019-10-24                                                       |
+-----------+-----------------------------------------------------------------+
|Updated On |2019-10-24 (Initial Advisory)                                    |
+-----------+-----------------------------------------------------------------+
|CVE(s)     |CVE-2019-5536                                                    |
+-----------+-----------------------------------------------------------------+

1. Impacted Products

   o VMware vSphere ESXi (ESXi)
   o VMware Workstation Pro / Player (Workstation)
   o VMware Fusion Pro / Fusion (Fusion)

2. Introduction

VMware ESXi, Workstation and Fusion contain a denial-of-service vulnerability.
Patches and workarounds are available to remediate this vulnerability in
affected VMware products.

3. VMware ESXi, Workstation and Fusion shader denial-of-service vulnerability
   (CVE-2019-5536)

Description:

VMware ESXi, Workstation and Fusion contain a denial-of-service vulnerability
in the shader functionality. VMware has evaluated the severity of this issue to
be in the Moderate severity range with a maximum CVSSv3 base score of 6.3.

Known Attack Vectors:

Successful exploitation of this issue may allow attackers with normal user
privileges to create a denial-of-service condition on their own VM.

Resolution:

To remediate CVE-2019-5536, apply the patches listed in the 'Fixed Version'
column of the 'Resolution Matrix' found below.

Workarounds:

The workaround for this issue involves disabling the 3D-acceleration feature.
Please see the 'Workarounds' column of the 'Resolution Matrix' found below.

Additional Documentations:

None.

Notes:

Exploitation of this issue requires an attacker to have access to a virtual
machine with 3D graphics enabled. It is not enabled by default on ESXi and is
enabled by default on Workstation and Fusion.

Acknowledgements:

VMware would like to thank Piotr Bania of Cisco Talos for reporting this issue
to us.
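The advisory's workaround is to turn off 3D acceleration on VMs that do not
need it, and its notes point out that the feature is off by default on ESXi but
on by default on Workstation and Fusion. The following Python script is an
added example (not VMware's or AusCERT's code) that audits .vmx configuration
files for the setting and can write back a copy with the feature disabled. It
assumes that the VMX key `mks.enable3d` is the option controlling 3D
acceleration; the advisory itself does not name the key and refers to
VMSA-2018-0025 for the official workaround steps, so confirm the key against
that document for your product version. The sample VMX text is constructed.

```python
"""Audit VMware .vmx files for 3D acceleration (workaround check for
CVE-2019-5536). Added example; assumes `mks.enable3d` is the relevant key."""
import re
from pathlib import Path

KEY_3D = "mks.enable3d"  # assumed VMX key that enables/disables 3D graphics
# VMX lines look like:  key = "value"   (quotes optional, '#' starts a comment)
_LINE = re.compile(r'^\s*([A-Za-z0-9_.:\-]+)\s*=\s*"?(.*?)"?\s*$')


def parse_vmx(text: str) -> dict:
    """Parse VMX key/value lines into a dict. VMX keys are case-insensitive,
    so they are normalised to lower case; blank and comment lines are skipped."""
    config = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE.match(line)
        if m:
            config[m.group(1).lower()] = m.group(2)
    return config


def audit_3d(text: str) -> str:
    """Classify a VM as 'enabled', 'disabled' or 'default'.

    'default' means the key is absent, so the product default applies: per the
    advisory that is off on ESXi but on for Workstation and Fusion, so such VMs
    still need a look when the file came from Workstation or Fusion."""
    value = parse_vmx(text).get(KEY_3D)
    if value is None:
        return "default"
    return "enabled" if value.strip().lower() == "true" else "disabled"


def disable_3d(text: str) -> str:
    """Return a copy of the VMX text with 3D acceleration explicitly disabled.
    Every other line is preserved byte-for-byte; the key is appended if absent
    so that a product default of 'on' cannot silently re-enable the feature."""
    out, found = [], False
    for raw in text.splitlines():
        m = _LINE.match(raw.strip())
        if m and m.group(1).lower() == KEY_3D:
            out.append(f'{KEY_3D} = "FALSE"')
            found = True
        else:
            out.append(raw)
    if not found:
        out.append(f'{KEY_3D} = "FALSE"')
    return "\n".join(out) + "\n"


def audit_directory(root: str) -> dict:
    """Map every .vmx file below root (e.g. a datastore mount) to its 3D state."""
    return {str(p): audit_3d(p.read_text(errors="replace"))
            for p in Path(root).rglob("*.vmx")}


# Constructed sample VMX (not a real VM) with 3D acceleration switched on.
SAMPLE_VMX = '''.encoding = "UTF-8"
config.version = "8"
virtualHW.version = "16"
displayName = "build-worker"
mks.enable3d = "TRUE"
svga.graphicsMemoryKB = "786432"
'''

if __name__ == "__main__":
    print("before:", audit_3d(SAMPLE_VMX))               # enabled
    print("after: ", audit_3d(disable_3d(SAMPLE_VMX)))   # disabled
```

Run audit_directory() against the directory holding the VM folders and treat
both "enabled" and, on Workstation or Fusion, "default" as exposed; editing a
.vmx while the VM is powered on is ineffective, so apply disable_3d() to
powered-off VMs only and prefer the patched versions in the Response Matrix
where 3D graphics are actually required.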
Response Matrix:

+-----------+-------+-------+-------------+------+--------+--------------------+------------------+----------+
|Product    |Version|Running|CVE          |CVSSV3|Severity|Fixed Version       |Workarounds       |Additional|
|           |       |On     |Identifier   |      |        |                    |                  |Documents |
+-----------+-------+-------+-------------+------+--------+--------------------+------------------+----------+
|ESXi       |6.7    |Any    |CVE-2019-5522|6.3   |Moderate|ESXi670-201908101-SG|see VMSA-2018-0025|None      |
+-----------+-------+-------+-------------+------+--------+--------------------+------------------+----------+
|ESXi       |6.5    |Any    |CVE-2019-5536|6.3   |Moderate|ESXi650-201910401-SG|see VMSA-2018-0025|None      |
+-----------+-------+-------+-------------+------+--------+--------------------+------------------+----------+
|ESXi       |6.0    |Any    |CVE-2019-5536|N/A   |N/A     |Not affected        |N/A               |N/A       |
+-----------+-------+-------+-------------+------+--------+--------------------+------------------+----------+
|Workstation|15.x   |Any    |CVE-2019-5536|6.3   |Moderate|15.5.0              |see VMSA-2018-0025|None      |
+-----------+-------+-------+-------------+------+--------+--------------------+------------------+----------+
|Fusion     |11.x   |OS X   |CVE-2019-5536|6.3   |Moderate|11.5.0              |see VMSA-2018-0025|None      |
+-----------+-------+-------+-------------+------+--------+--------------------+------------------+----------+

4. References

Mitre CVE Dictionary Links:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5536

FIRST CVSSv3 Calculator:

https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Fixed Version(s) and Release Notes:

VMware ESXi 6.7 U3
Downloads and Documentation:
https://my.vmware.com/web/vmware/details?productId=742&downloadGroup=ESXI67U3
https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-esxi-67u3-release-notes.html

VMware ESXi 6.5 EP16
Downloads and Documentation:
https://my.vmware.com/group/vmware/patch#search

VMware Workstation Pro 15.5.0
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://docs.vmware.com/en/VMware-Workstation-Pro/index.html

VMware Workstation Player 15.5.0
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer
https://docs.vmware.com/en/VMware-Workstation-Player/index.html

VMware Fusion 11.5.0
Downloads and Documentation:
https://www.vmware.com/go/downloadfusion
https://docs.vmware.com/en/VMware-Fusion/index.html

5. Change log

2019-10-24: VMSA-2019-0019 Initial security advisory in conjunction with the
release of ESXi 6.5 patch on 2019-10-24.

6. Contact

E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

security-announce@lists.vmware.com
bugtraq@securityfocus.com
fulldisclosure@seclists.org

E-mail: security@vmware.com
PGP key at: https://kb.vmware.com/kb/1055

VMware Security Advisories
https://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC

Copyright 2019 VMware Inc. All rights reserved.
- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXbKDG2aOgq3Tt24GAQgo9RAAyIignENNkyOYC23IPweRHrqqNdVcV++C
YI9IQ3N6vQthUSJRxhxqeYWxMm4T/NDwCyvdzhhEbb7PrkCH0/EeoqVvRDTCKXIa
Su68/iZ2XJt68MnWs3fnucMW0usfmeZh4sbribTNL7Zp2HD6phvgDoZ4xQXnLbt2
pwolItLpcCSUDponKhOtatPnzgm5GP4OxGG8jBvD6mwwovdm/3RE4e5Do/jYAMP3
5XqbheVxVt9X6YMtyJ3aBDLAn+TRFqi5j8VfX0Il+euVm2RpD7K6eC2ES7P0AiFw
LBfraOR1VP3ZfQ9ZuL3Dt699LjhMJyefB3kfSfh5GlTZPfz70ugey+9FEMnIwYvM
RJrWH+3JwzCa67g3eJITpkbppjE4yAPCIR/nlm3rwEB0o91jONu2D4jXNwSSrfOc
piCG62eDfmx4TXrR5UQpI2CxOBUMV2BFY8b/IxKblbCI/pEPqDR00OZilnbwbmj7
t542LdX+5FB3rGy6bFCP/p6oSUJgIp1+XEZzaGD66hzrU8RTZ3YzGnBVww1k/q4a
YGJV/Uzo7Vw+Zk6/SXkFURIDie0b6yEEVZ9GMfal1uETObBgh+kX4MgDG9p+gVt7
gxEIb+2Bt02pSuBGVewhal3TBffaV1D4+HM1Qt/ixCPyYcg0wOPriZQAEAfO015o
nJnUMAH7fvo=
=rQBj
-----END PGP SIGNATURE-----