CVE-2018-6966Out-of-bounds Read in Vmware Fusion

CWE-125Out-of-bounds Read3 documents3 sources
Severity
8.1HIGHNVD
EPSS
0.4%
top 41.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Vmware FusionVmware WorkstationVmware Esxi
Timeline
PublishedJul 9
Latest updateMay 13

Description

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6967.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 2.8 | Impact: 5.2

Affected Packages3 packages

NVDvmware/fusion10.010.1.2
NVDvmware/workstation14.014.1.2
NVDvmware/esxi6.7

🔴Vulnerability Details

2
GHSA
GHSA-9mxp-fhjm-5wwh: VMware ESXi (62022-05-13
CVEList
CVE-2018-6966: VMware ESXi (62018-07-09
CVE-2018-6966 — Out-of-bounds Read in Vmware Fusion | cvebase