ASA-2019-00276 – VMware: Hypervisor-Assisted Guest Mitigations for MDS vulnerabilities


Allele Security Alert

ASA-2019-00276

Identifier(s)

ASA-2019-00276, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, VMSA-2019-0008

Title

Hypervisor-Assisted Guest Mitigations for MDS vulnerabilities

Vendor(s)

VMware

Product(s)

VMware vCenter Server
VMware ESXi
VMware Workstation
VMware Fusion

Affected version(s)

VMware vCenter Server versions 6.0, 6.5 and 6.7
VMware ESXi versions 6.0, 6.5 and 6.7
VMware Workstation versions 15.x
VMware Fusion versions 11.x

Fixed version(s)

VMware vCenter Server versions 6.0 U3i, 6.5 U2g and 6.7 U2a
VMware ESXi versions ESXi670-201905401-BG, ESXi670-201905402-BG, ESXi670-201905403-BG, ESXi650-201905401-BG, ESXi650-201905402-BG, ESXi600-201905401-BG and ESXi600-201905402-BG
VMware Workstation version 15.1.0
VMware Fusion version 11.1.0

Proof of concept

Unknown

Description

vCenter Server, ESXi, Workstation, and Fusion updates support Hypervisor-Assisted Guest Mitigations for MDS speculative execution vulnerabilities.

To infer data otherwise protected by architectural mechanisms within the Guest Operating System (Intra-VM) via MDS vulnerabilities, a malicious user must have local access to a virtual machine and the ability to execute code. Virtual Machines hosted by VMware Hypervisors running on 2nd Generation Intel® Xeon® Scalable Processors (formerly known as Cascade Lake) are not affected by MDS vulnerabilities.

There are two known attack vector categories for MDS at the Virtual Machine level:

  • Sequential-context attack vector (Intra-VM): a malicious local user of a Virtual Machine can potentially infer recently accessed data of a previous context otherwise protected by architectural mechanisms in the context of the same Virtual Machine.
  • Concurrent-context attack vector (Intra-VM): a malicious local user of a Virtual Machine can potentially infer recently accessed data of a concurrently executing context on the other logical processor of the Hyper-Threading-enabled processor core in the context of the same Virtual Machine.

Technical details

Unknown

Credits

Unknown

Reference(s)

VMSA-2019-0008 – VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)
https://lists.vmware.com/pipermail/security-announce/2019/000456.html

VMSA-2019-0008
https://www.vmware.com/security/advisories/VMSA-2019-0008.html

CVE-2018-12126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12126

CVE-2018-12126
https://nvd.nist.gov/vuln/detail/CVE-2018-12126

CVE-2018-12127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12127

CVE-2018-12127
https://nvd.nist.gov/vuln/detail/CVE-2018-12127

CVE-2018-12130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12130

CVE-2018-12130
https://nvd.nist.gov/vuln/detail/CVE-2018-12130

CVE-2019-11091
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11091

CVE-2019-11091
https://nvd.nist.gov/vuln/detail/CVE-2019-11091

If there is any error in this alert, or if you would like a comprehensive analysis, let us know.

Last modified: May 16, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.