Description
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.
Affected products
- VMware / Fusion11.x before 11.0.2 – 11.x before 11.0.2
- VMware / VMware ESXi6.7 before ESXi670-201904101-SG – 6.7 before ESXi670-201904101-SG
- VMware / VMware ESXi6.5 before ESXi650-201907101-SG – 6.5 before ESXi650-201907101-SG
- VMware / Workstation15.x before 15.0.2 – 15.x before 15.0.2