ASA-2019-00235 – VMware: Multiple shader translator out-of-bounds read vulnerabilities


Allele Security Alert

ASA-2019-00235

Identifier(s)

ASA-2019-00235, CVE-2019-5517, VMSA-2019-0006

Title

Multiple shader translator out-of-bounds read vulnerabilities

Vendor(s)

VMware

Product(s)

VMware ESXi
VMware Workstation
VMware Fusion

Affected version(s)

VMware ESXi 6.7
VMware ESXi 6.5
VMware Workstation 15.x
VMware Workstation 14.x
VMware Fusion 11.x
VMware Fusion 10.x

Fixed version(s)

VMware ESXi 6.7 ESXi670-201904101-SG
VMware ESX 6.5 ESXi650-201903001
VMware Workstation 15.0.3
VMware Workstation 14.1.6
VMware Fusion 11.0.3
VMware Fusion 10.1.6

Proof of concept

Unkown

Description

VMware ESXi, Workstation and Fusion contain multiple out-of-bounds read vulnerabilities in the shader translator. Exploitation of these issues requires an attacker to have access to a virtual machine with 3D graphics enabled.  Successful exploitation of these issues may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM.  The workaround for these issues involves disabling the 3D-acceleration feature.  This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion.

Technical details

Unknown

Credits

RanchoIce (Tencent Security ZhanluLab)

Reference(s)

VMSA-2019-0006
https://www.vmware.com/security/advisories/VMSA-2019-0006.html

CVE-2019-5517
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5517

CVE-2019-5517
https://nvd.nist.gov/vuln/detail/CVE-2019-5517

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: April 28, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.