ASA-2019-00275 – VMware: Hypervisor-Specific Mitigations for MDS vulnerabilities

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2019-00275

Identifier(s)

ASA-2019-00275, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, VMSA-2019-0008

Title

Hypervisor-Specific Mitigations for MDS vulnerabilities

Vendor(s)

VMware

Product(s)

VMware vCenter Server
VMware ESXi
VMware Workstation
VMware Fusion

Affected version(s)

VMware vCenter Server versions 6.0, 6.5 and 6.7
VMware ESXi versions 6.0, 6.5 and 6.7
VMware Workstation versions 15.x
VMware Fusion versions 11.x

Fixed version(s)

VMware vCenter Server versions 6.0 U3i, 6.5 U2g and 6.7 U2a
VMware ESXi versions ESXi670-201905401-BG, ESXi670-201905402-BG, ESXi670-201905403-BG, ESXi650-201905401-BG, ESXi650-201905402-BG, ESXi600-201905401-BG and ESXi600-201905402-BG
VMware Workstation version 15.1.0
VMware Fusion version 11.1.0

Proof of concept

Unknown

Description

vCenter Server, ESXi, Workstation, and Fusion updates include Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities.

A malicious user must have local access to a virtual machine and the ability to execute code to infer data otherwise protected by architectural mechanisms from another virtual machine or the hypervisor itself via MDS vulnerabilities.

There are two known attack vector variants for MDS at the Hypervisor level:

  • Sequential-context attack vector (Inter-VM): a malicious VM can potentially infer recently accessed data of a previous context (hypervisor thread or other VM thread) on either logical processor of a processor core.
  • Concurrent-context attack vector (Inter-VM): a malicious VM can potentially infer recently accessed data of a concurrently executing context (hypervisor thread or other VM thread) on the other logical processor of the Hyper-Threading-enabled processor core.

Technical details

Unknown

Credits

Unknown

Reference(s)

VMSA-2019-0008 – VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)
https://lists.vmware.com/pipermail/security-announce/2019/000456.html

VMSA-2019-0008
https://www.vmware.com/security/advisories/VMSA-2019-0008.html

CVE-2018-12126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12126

CVE-2018-12126
https://nvd.nist.gov/vuln/detail/CVE-2018-12126

CVE-2018-12127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12127

CVE-2018-12127
https://nvd.nist.gov/vuln/detail/CVE-2018-12127

CVE-2018-12130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12130

CVE-2018-12130
https://nvd.nist.gov/vuln/detail/CVE-2018-12130

CVE-2019-11091
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11091

CVE-2019-11091
https://nvd.nist.gov/vuln/detail/CVE-2019-11091

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: May 16, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.