CVE-2018-6967

Опубликовано: 09 июл. 2018

Источник: nvd

CVSS3: 8.1

CVSS2: 5.5

EPSS Низкий

Описание

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6966.

Ссылки

http://www.securityfocus.com/bid/104709
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041208
Third Party Advisory
VDB Entry
https://www.vmware.com/security/advisories/VMSA-2018-0016.html
Vendor Advisory
http://www.securityfocus.com/bid/104709
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041208
Third Party Advisory
VDB Entry
https://www.vmware.com/security/advisories/VMSA-2018-0016.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*

Версия от 10.0 (включая) до 10.1.2 (исключая)

cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.1.2 (исключая)

cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00392

Низкий

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-rfp7-37cm-29c6