Security update for VMware Workstation Pro/Player etc.

[German]VMware has released security updates for its virtualization products VMware Workstation Pro, VMware Player, VMware ESXi and VMware Fusion.


VMware Security Advisory VMSA-2018-0027, dated of 9 November 2018, refers to critical vulnerabilities (CVE-2018-6981, CVE-2018-6982). The VMware ESXi, Workstation, and Fusion updates address an uninitialized stack memory usage vulnerability. This applies to the following products:

  • VMware vSphere ESXi (ESXi)
  • VMware Workstation Pro / Player (Workstation)
  • VMware Fusion Pro, Fusion (Fusion)

VMware ESXi, Fusion and Workstation include an uninitialized stack usage in the virtual network adapter vmxnet3. This vulnerability could allow a guest to execute code on the host. The problem occurs when vmxnet3 is enabled. Non-vmxnet3 virtual adapters are not affected by this issue.

  • ESXi 6.7, Patch: ESXi670-201811401-BG
  • ESXi 6.5, Patch ESXi650-201811301-BG
  • ESXi 6.0, Patch ESXi600-201811401-BG
  • Workstation 15.x, Patch 15.0.1
  • Workstation 14.x, Patch 14.1.4
  • Fusion 11.x (OS X), Patch 11.0.1
  • Fusion 10.x (OS X), Patch 10.1.4

Details may be found within this VMware article or at Softpedia.


This entry was posted in Security, Update, Virtualization and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *