Security Focus – VMware (May 2019)

Preface: Intel flaw let VMware become victim (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) ! VMware Workstation update addresses a DLL-hijacking issue (CVE-2019-5526) looks not a news?

VMware Vulnerability details:

VMware Workstation update addresses a DLL-hijacking issue (CVE-2019-5526) –

VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)

Technical background: To improve the performance of writing data back to Intel CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. But a design limitation occurs which allows unauthorized users to access data used by other programs, containers, and virtual machines. So called Zombieload. ZombieLoad Attack affects all Intel CPUs since 2011.

VMware Security Advisories –