VMware Plugs Hole in Virtual Graphics Card

Wednesday, October 17, 2018 @ 11:10 AM gHale

VMware released a patch fixing a critical arbitrary code execution vulnerability in the SVGA virtual graphics card used by its Workstation, ESXi and Fusion products.

ESXi, Fusion and Workstation are affected by an out-of-bounds read vulnerability in the SVGA device.

RELATED STORIES
VMware Patches ESXi, Workstation, Fusion Holes
VMware Clears Remote Code Execution Issue
New Backdoor Based on Hacking Team Tool
Android-Based Malware Attack Spotted

The flaw, tracked as CVE-2018-6974, can be exploited by a malicious guest to execute arbitrary code on the host, VMware said in an advisory.

The vulnerability was reported to VMware by an anonymous researcher through Trend Micro’s Zero Day Initiative (ZDI).

ZDI’s advisory describes the security hole as a heap-based buffer overflow that allows a local attacker with low privileges on the system to escalate permissions and execute arbitrary code. ZDI said the flaw was reported to VMware in mid-June.

“The specific flaw exists within the handling of virtualized SVGA,” ZDI said. “The issue results from the lack of proper validation of user-supplied data, which can result in an overflow of a heap-based buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the host OS.”



Leave a Reply

You must be logged in to post a comment.