Monday, June 1, 2020

Vulnerability Spotlight: VMware Workstation 15 denial-of-service vulnerability

Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.

Cisco Talos recently discovered a denial-of-service vulnerability in VMware Workstation 15. VMware
allows users to set up virtual machines and operate various operating systems outside of the ones designed for their machines. This vulnerability exists in VMware guest mode, and could allow an attacker to cause a panic condition in VMware host, leading to a crash.

In accordance with our coordinated disclosure policy, Cisco Talos worked with VMware to ensure that these issues are resolved and that an update is available for affected customers.

Vulnerability details

VMware Workstation 15 shader functionality round_ni denial-of-service vulnerability (TALOS-2019-0957/CVE-2019-3958)

An exploitable denial-of-service vulnerability exists in VMware Workstation, version 15.5.0, build-14665864. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from a VMware guest and the VMware host will be affected, leading to vmware-vmx.exe process crash on the host.

Read the complete vulnerability advisory here for additional information.

Versions tested

Talos tested and confirmed that this vulnerability affects VMware Workstation 15, version 15.5.0, build-14665864, with Windows 10 x64 as guest VM.

Coverage

The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rules: 52269, 52270

No comments:

Post a Comment