CVE-2018-6983: Integer Overflow
First published: Tue Nov 27 2018(Updated: )
VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Workstation | >=14.0.0<14.1.5 | |
| VMware Workstation | >=15.0.0<15.0.2 | |
| VMware Fusion | >=10.0.0<10.1.5 | |
| VMware Fusion | >=11.0.0<11.0.2 | |
| Apple Mac OS X |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-6983?
CVE-2018-6983 is an integer overflow vulnerability in VMware Workstation and Fusion, allowing a guest to execute code on the host.
Is VMware Workstation affected by CVE-2018-6983?
Yes, VMware Workstation versions before 15.0.2 and 14.1.5 are affected.
Is VMware Fusion affected by CVE-2018-6983?
Yes, VMware Fusion versions before 11.0.2 and 10.1.5 are affected.
What is the severity of CVE-2018-6983?
CVE-2018-6983 has a severity rating of 8.8 (high).
How can I fix CVE-2018-6983?
To fix CVE-2018-6983, update VMware Workstation to version 15.0.2 or 14.1.5, and update VMware Fusion to version 11.0.2 or 10.1.5.
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/vmware
- canonical/vmware workstation
- version/vmware workstation/14.0.0
- version/vmware workstation/15.0.0
- canonical/vmware fusion
- version/vmware fusion/10.0.0
- version/vmware fusion/11.0.0
- vendor/apple
- canonical/apple mac os x