CVE-2018-6974

Summary

VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

Affected Software

VendorProductVersion RangeStatus
VMwareESXi6.7 before ESXi670-201810101-SGaffected
VMwareESXi6.5 before ESXi650-201808401-BGaffected
VMwareESXi6.0 before ESXi600-201808401-BGaffected
VMwareWorkstation14.x before 14.1.3affected
VMwareFusion10.x before 10.1.3affected

Weaknesses

  • Out-of-bounds read vulnerability

ADP Enrichment

CVE Program Container

Additional References

References