Vmware VMSA 2020-0015.1 Açığı

Merhaba,

VMware ESXI, VMware workstatiton Pro, VMware Fusion Pro ve VMware Cloud Foundation ürünlerinin etkilendiği critical(kritik) güvenlik açığı VMSA-2020-0015.1 ID’ si ile 23 Haziran’ da duyuruldu.

CVE(s)‘ ler ise aşağıda ki gibidir;

• Use-after-free vulnerability in SVGA device (CVE-2020-3962)

• Off-by-one heap-overflow vulnerability in SVGA device (CVE-2020-3969)

• Out-of-bound read issue in Shader Functionality (CVE-2020-3970)

• Heap-overflow issue in EHCI controller (CVE-2020-3967)

• Out-of-bounds write vulnerability in xHCI controller (CVE-2020-3968)

• Heap-overflow due to race condition in EHCI controller (CVE-2020-3966)

• Information leak in the XHCI USB controller (CVE-2020-3965)

• Use-after-free vulnerability in PVNVRAM (CVE-2020-3963)

• Heap overflow vulnerability in vmxnet3 (CVE-2020-3971)

Aşağıda link üzerinden detaylara erişebilir, gerekli güncellemeleri indirebilirsiniz.

https://www.vmware.com/security/advisories/VMSA-2020-0015.html?fbclid=IwAR15QsVDFq8drkzZW2LhqttGL4y2oFbP_83eza3MzjBuE1pp7U3opOlYUPQ

Hoşçakalın…