First published: Mon Apr 15 2019(Updated: )
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain multiple out-of-bounds read vulnerabilities in the shader translator. Exploitation of these issues requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of these issues may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. The workaround for these issues involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion.
Credit: security@vmware.com security@vmware.com
Affected Software | Affected Version | How to fix |
---|---|---|
VMware Fusion | >=10.0.0<10.1.6 | |
VMware Fusion | >=11.0.0<11.0.3 | |
VMware Workstation | >=14.0.0<14.1.6 | |
VMware Workstation | >=15.0.0<15.0.3 | |
VMware ESXi | =6.5 | |
VMware ESXi | =6.5-650-201701001 | |
VMware ESXi | =6.5-650-201703001 | |
VMware ESXi | =6.5-650-201703002 | |
VMware ESXi | =6.5-650-201704001 | |
VMware ESXi | =6.5-650-201707101 | |
VMware ESXi | =6.5-650-201707102 | |
VMware ESXi | =6.5-650-201707103 | |
VMware ESXi | =6.5-650-201707201 | |
VMware ESXi | =6.5-650-201707202 | |
VMware ESXi | =6.5-650-201707203 | |
VMware ESXi | =6.5-650-201707204 | |
VMware ESXi | =6.5-650-201707205 | |
VMware ESXi | =6.5-650-201707206 | |
VMware ESXi | =6.5-650-201707207 | |
VMware ESXi | =6.5-650-201707208 | |
VMware ESXi | =6.5-650-201707209 | |
VMware ESXi | =6.5-650-201707210 | |
VMware ESXi | =6.5-650-201707211 | |
VMware ESXi | =6.5-650-201707212 | |
VMware ESXi | =6.5-650-201707213 | |
VMware ESXi | =6.5-650-201707214 | |
VMware ESXi | =6.5-650-201707215 | |
VMware ESXi | =6.5-650-201707216 | |
VMware ESXi | =6.5-650-201707217 | |
VMware ESXi | =6.5-650-201707218 | |
VMware ESXi | =6.5-650-201707219 | |
VMware ESXi | =6.5-650-201707220 | |
VMware ESXi | =6.5-650-201707221 | |
VMware ESXi | =6.5-650-201710001 | |
VMware ESXi | =6.5-650-201712001 | |
VMware ESXi | =6.5-650-201803001 | |
VMware ESXi | =6.5-650-201806001 | |
VMware ESXi | =6.5-650-201808001 | |
VMware ESXi | =6.5-650-201810001 | |
VMware ESXi | =6.5-650-201810002 | |
VMware ESXi | =6.5-650-201811001 | |
VMware ESXi | =6.5-650-201811002 | |
VMware ESXi | =6.5-650-201811301 | |
VMware ESXi | =6.5-650-201901001 | |
VMware ESXi | =6.7 | |
VMware ESXi | =6.7-670-201806001 | |
VMware ESXi | =6.7-670-201807001 | |
VMware ESXi | =6.7-670-201808001 | |
VMware ESXi | =6.7-670-201810001 | |
VMware ESXi | =6.7-670-201810101 | |
VMware ESXi | =6.7-670-201810102 | |
VMware ESXi | =6.7-670-201810103 | |
VMware ESXi | =6.7-670-201810201 | |
VMware ESXi | =6.7-670-201810202 | |
VMware ESXi | =6.7-670-201810203 | |
VMware ESXi | =6.7-670-201810204 | |
VMware ESXi | =6.7-670-201810205 | |
VMware ESXi | =6.7-670-201810206 | |
VMware ESXi | =6.7-670-201810207 | |
VMware ESXi | =6.7-670-201810208 | |
VMware ESXi | =6.7-670-201810209 | |
VMware ESXi | =6.7-670-201810210 | |
VMware ESXi | =6.7-670-201810211 | |
VMware ESXi | =6.7-670-201810212 | |
VMware ESXi | =6.7-670-201810213 | |
VMware ESXi | =6.7-670-201810214 | |
VMware ESXi | =6.7-670-201810215 | |
VMware ESXi | =6.7-670-201810216 | |
VMware ESXi | =6.7-670-201810217 | |
VMware ESXi | =6.7-670-201810218 | |
VMware ESXi | =6.7-670-201810219 | |
VMware ESXi | =6.7-670-201810220 | |
VMware ESXi | =6.7-670-201810221 | |
VMware ESXi | =6.7-670-201810222 | |
VMware ESXi | =6.7-670-201810223 | |
VMware ESXi | =6.7-670-201810224 | |
VMware ESXi | =6.7-670-201810225 | |
VMware ESXi | =6.7-670-201810226 | |
VMware ESXi | =6.7-670-201810227 | |
VMware ESXi | =6.7-670-201810228 | |
VMware ESXi | =6.7-670-201810229 | |
VMware ESXi | =6.7-670-201810230 | |
VMware ESXi | =6.7-670-201810231 | |
VMware ESXi | =6.7-670-201810232 | |
VMware ESXi | =6.7-670-201810233 | |
VMware ESXi | =6.7-670-201810234 | |
VMware ESXi | =6.7-670-201811001 | |
VMware ESXi | =6.7-670-201901001 | |
VMware ESXi | =6.7-670-201901401 | |
VMware ESXi | =6.7-670-201901402 | |
VMware ESXi | =6.7-670-201901403 | |
VMware ESXi | =6.7-670-201904201 | |
VMware ESXi | =6.7-670-201904202 | |
VMware ESXi | =6.7-670-201904203 | |
VMware ESXi | =6.7-670-201904204 | |
VMware ESXi | =6.7-670-201904205 | |
VMware ESXi | =6.7-670-201904206 | |
VMware ESXi | =6.7-670-201904207 | |
VMware ESXi | =6.7-670-201904208 | |
VMware ESXi | =6.7-670-201904209 | |
VMware ESXi | =6.7-670-201904210 | |
VMware ESXi | =6.7-670-201904211 | |
VMware ESXi | =6.7-670-201904212 | |
VMware ESXi | =6.7-670-201904213 | |
VMware ESXi | =6.7-670-201904214 | |
VMware ESXi | =6.7-670-201904215 | |
VMware ESXi | =6.7-670-201904216 | |
VMware ESXi | =6.7-670-201904217 | |
VMware ESXi | =6.7-670-201904218 | |
VMware ESXi | =6.7-670-201904219 | |
VMware ESXi | =6.7-670-201904220 | |
VMware ESXi | =6.7-670-201904221 | |
VMware ESXi | =6.7-670-201904222 | |
VMware ESXi | =6.7-670-201904223 | |
VMware ESXi | =6.7-670-201904224 | |
VMware ESXi | =6.7-670-201904225 | |
VMware ESXi | =6.7-670-201904226 | |
VMware ESXi | =6.7-670-201904227 | |
VMware ESXi | =6.7-670-201904228 | |
VMware ESXi | =6.7-670-201904229 | |
>=10.0.0<10.1.6 | ||
>=11.0.0<11.0.3 | ||
>=14.0.0<14.1.6 | ||
>=15.0.0<15.0.3 | ||
=6.5 | ||
=6.5-650-201701001 | ||
=6.5-650-201703001 | ||
=6.5-650-201703002 | ||
=6.5-650-201704001 | ||
=6.5-650-201707101 | ||
=6.5-650-201707102 | ||
=6.5-650-201707103 | ||
=6.5-650-201707201 | ||
=6.5-650-201707202 | ||
=6.5-650-201707203 | ||
=6.5-650-201707204 | ||
=6.5-650-201707205 | ||
=6.5-650-201707206 | ||
=6.5-650-201707207 | ||
=6.5-650-201707208 | ||
=6.5-650-201707209 | ||
=6.5-650-201707210 | ||
=6.5-650-201707211 | ||
=6.5-650-201707212 | ||
=6.5-650-201707213 | ||
=6.5-650-201707214 | ||
=6.5-650-201707215 | ||
=6.5-650-201707216 | ||
=6.5-650-201707217 | ||
=6.5-650-201707218 | ||
=6.5-650-201707219 | ||
=6.5-650-201707220 | ||
=6.5-650-201707221 | ||
=6.5-650-201710001 | ||
=6.5-650-201712001 | ||
=6.5-650-201803001 | ||
=6.5-650-201806001 | ||
=6.5-650-201808001 | ||
=6.5-650-201810001 | ||
=6.5-650-201810002 | ||
=6.5-650-201811001 | ||
=6.5-650-201811002 | ||
=6.5-650-201811301 | ||
=6.5-650-201901001 | ||
=6.7 | ||
=6.7-670-201806001 | ||
=6.7-670-201807001 | ||
=6.7-670-201808001 | ||
=6.7-670-201810001 | ||
=6.7-670-201810101 | ||
=6.7-670-201810102 | ||
=6.7-670-201810103 | ||
=6.7-670-201810201 | ||
=6.7-670-201810202 | ||
=6.7-670-201810203 | ||
=6.7-670-201810204 | ||
=6.7-670-201810205 | ||
=6.7-670-201810206 | ||
=6.7-670-201810207 | ||
=6.7-670-201810208 | ||
=6.7-670-201810209 | ||
=6.7-670-201810210 | ||
=6.7-670-201810211 | ||
=6.7-670-201810212 | ||
=6.7-670-201810213 | ||
=6.7-670-201810214 | ||
=6.7-670-201810215 | ||
=6.7-670-201810216 | ||
=6.7-670-201810217 | ||
=6.7-670-201810218 | ||
=6.7-670-201810219 | ||
=6.7-670-201810220 | ||
=6.7-670-201810221 | ||
=6.7-670-201810222 | ||
=6.7-670-201810223 | ||
=6.7-670-201810224 | ||
=6.7-670-201810225 | ||
=6.7-670-201810226 | ||
=6.7-670-201810227 | ||
=6.7-670-201810228 | ||
=6.7-670-201810229 | ||
=6.7-670-201810230 | ||
=6.7-670-201810231 | ||
=6.7-670-201810232 | ||
=6.7-670-201810233 | ||
=6.7-670-201810234 | ||
=6.7-670-201811001 | ||
=6.7-670-201901001 | ||
=6.7-670-201901401 | ||
=6.7-670-201901402 | ||
=6.7-670-201901403 | ||
=6.7-670-201904201 | ||
=6.7-670-201904202 | ||
=6.7-670-201904203 | ||
=6.7-670-201904204 | ||
=6.7-670-201904205 | ||
=6.7-670-201904206 | ||
=6.7-670-201904207 | ||
=6.7-670-201904208 | ||
=6.7-670-201904209 | ||
=6.7-670-201904210 | ||
=6.7-670-201904211 | ||
=6.7-670-201904212 | ||
=6.7-670-201904213 | ||
=6.7-670-201904214 | ||
=6.7-670-201904215 | ||
=6.7-670-201904216 | ||
=6.7-670-201904217 | ||
=6.7-670-201904218 | ||
=6.7-670-201904219 | ||
=6.7-670-201904220 | ||
=6.7-670-201904221 | ||
=6.7-670-201904222 | ||
=6.7-670-201904223 | ||
=6.7-670-201904224 | ||
=6.7-670-201904225 | ||
=6.7-670-201904226 | ||
=6.7-670-201904227 | ||
=6.7-670-201904228 | ||
=6.7-670-201904229 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.