CVE-2020-3995
published 2020-10-20CVE-2020-3995: In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host…
medium5.3CVSS 3.1
AVNACHPRLUINSUCNINAH
In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 3.0 < 3.9 | 3.9 |
| vmware | esxi | — | — |
| vmware | esxi | — | — |
| vmware | fusion | >= 11.0.0 < 11.1.0 | 11.1.0 |
| vmware | workstation | >= 15.0.0 < 15.1.0 | 15.1.0 |