VMWARE ESXi,Workstation and Fusion out-of-bounds read vulnerability in SVGA device – 16thOct2018

Malware authors constantly seek new methods to obfuscate their code so as to evade detection by virus scanners. Have you heard shader code?
In order to avoid the vulnerability occurs, VMware Releases Security Updates on October 16, 2018.
ESXi has an out-of-bounds read vulnerability in the SVGA device that might allow a guest to execute code on the host (CVE-2018-6974).
The side effect of the Out-of-bounds read is serious. It allocates uninitialized Buffers when number is passed in input. An attacker could exploit this vulnerability to take control of an affected system.
Official announcement is shown as below:

https://www.vmware.com/security/advisories/VMSA-2018-0026.html

Buzz Lightyear slogan – To Infinity… and Beyond!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.