VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module. A malicious actor with local non-administrative access to a virtual machine may be able to crash the virtual machine's vmx process leading to a partial denial of service.
Attack Vector Local
Attack Complexity Low
Privileges Required Low
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact Low
User Interaction None
No CVSS v3.0
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
AV:L/AC:L/Au:N/C:N/I:N/A:P
Vendors | Products |
---|---|
Vmware |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
References
Link | Resource |
---|---|
https://www.vmware.com/security/advisories/VMSA-2020-0011.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: vmware
Published: 2020-05-29T19:49:35
Updated: 2020-05-29T19:49:35
Reserved: 2019-12-30T00:00:00
Link: CVE-2020-3959
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-05-29T20:15:11.687
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-3959
JSON object: View
Redhat Information
No data.
CWE