CVE-2017-4934 VMware Workstation and Fusion Multiple Vulnerabilities (VMSA-2017-0018)

漏洞类别:Local

漏洞等级:

漏洞信息

VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems.

Multiple vulnerabilities were reported in VMware Workstation and Fusion.
A local user on the guest system can trigger a heap overflow in the VMNAT device to execute arbitrary code on the host system [CVE-2017-4934].
A local user on the guest system can trigger an out-of-bounds memory write error in Cortado ThinPrint (‘TPView.dll’) to cause denial of service conditions or execute arbitrary code on the host system [CVE-2017-4935]. Systems with virtual printing enabled are affected. VMware Fusion is not affected.
A local user on the guest system can trigger an out-of-bounds memory read error in Cortado ThinPrint (‘TPView.dll’) in the in JPEG2000 parser to cause denial of service conditions or execute arbitrary code on the host system [CVE-2017-4936, CVE-2017-4937]. Systems with virtual printing enabled are affected.
A local user on the guest system can trigger an RPC null pointer dereference to cause the guest system to crash [CVE-2017-4938].
A local user can exploit a DLL hijacking flaw in the installer to potentially execute arbitrary code [CVE-2017-4939].

Affected Versions
VMware Fusion prior to 8.5.9,
VMware Workstation prior to 12.5.8

Detection Logic(Unauthenticated):
This QID checks for vulnerable versions of vmware.exe and Fusion.

漏洞危害

A local user on the guest system can cause denial of service conditions on the guest system.
A local user on the guest system can gain elevated privileges on the host system.

解决方案

VMware has issued a fix (Fusion 8.5.9, Workstation 12.5.8).
Refer to VMSA-2017-0018 for further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

VMSA-2017-0018: Windows

VMSA-2017-0018: MAC OS X

Leave a Reply