VMware has released a new security advisory: VMSA-2018-0008 – Workstation and Fusion updates address a denial-of-service vulnerability.
This advisory documents the remediation of one issue, rated with a severity of Important. VMware Workstation and Fusion contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. A successfully exploitation of the vulnerability will result in a virtual machine shutdown.
The identifier CVE-2018-6957 was assigned to this vulnerability. The vulnerability was discovered by a Cisco Talos researcher.
“[…] as long as and attacker can initiate a bunch of TCP connection to the VNC server (each successful connection increments it twice), without even sending any other datagrams, an attacker can eventually shutdown the connected virtual machine.” – Talos Vulnerability Report
Affected products and resolutions:
- Workstation 14.x – update to 14.1.1
- Workstation 12.x – enable VNC authentication – KB52934
- Fusion 10.x – update to 10.1.1
- Fusion 8.x – enable VNC authentication – KB52934
The suggested upgrades for Workstation 14.1.1 and Fusion 10.1.1 will also protect you against two other vulnerabilities reported in VMware Security Advisory VMSA-2018-0005: use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled and an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled.
You can check reports on other VMware vulnerabilities in my page dedicated to Security Advisories.