silversurfer

Level 44
Content Creator
AV-Tester
Verified
Joined
Aug 17, 2014
Messages
3,384
OS
Windows 10
Antivirus
Default-Deny
#1
According to VMware's security announcement, the products affected are VMWare vSphere ESXi (ESXi), VMware Workstation Pro / Player (Workstation), and VMware Fusion Pro, Fusion (Fusion).

"VMware ESXi, Fusion and Workstation contain uninitialized stack memory usage in the vmxnet3 virtual network adapter. This issue may allow a guest to execute code on the host," says VMware's VMSA-2018-0027 advisory.

It's also important to mention that according to VMware "The issue is present if vmxnet3 is enabled. Non vmxnet3 virtual adapters are not affected by this issue."

The CVE-2018-6981 security issue was initially reported by GeekPwn2018's organizers and Chaitin Tech's security researcher Zhangyanyu.