Video nasty lets VMware guests run code on hosts

It's 2017 and SVGA device can p0wn enterprise software. Sigh

By Simon Sharwood

VMware's given vAdmins a busy Friday by disclosing three nasties to patch.

One's a video nasty dubbed CVE-2017-4924 and impacts VMware ESXi, and the desktop hypervisors Workstation & Fusion. This one's “an out-of-bounds write vulnerability in SVGA driver device*”, an old virtual graphics card toolkit. The bug “may allow a guest to execute code on the host.”

There's a critical patch for ESXi 6.5, and a call to upgrade Workstation 12.x to version 12.5.7. Fusion 8.x users should get to version 8.5.8 as a matter of urgency. ESXi 6.0 and 5.5 don't have the problem.

The three products also have a NULL pointer dereference vulnerability that “occurs when handling guest RPC requests” and “may allow attackers with normal user privileges to crash their VMs.” This one's graded “moderate” and affects ESXi 5.5 through 6.5, plus Workstation 12.x and Fusion 8.x. Check out CVE-2017-4925 for details, once they land.

vCenter Server users also have something to worry about, as version 6.5 has a moderate bug that “may allow for stored cross-site scripting” as “An attacker with VC user privileges can inject malicious java-scripts which will get executed when other VC users access the page.”

Version 6.5 U1 squashes the bug. ®

* That's VMware's mistake we've struck out - Security Advisory VMSA-2017-0015 received a .1 upgrade to correct the error.
