ESXi
CVE-2020-3995
MEDIUM
Severity by source
AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time.
AnalysisAI
In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.
Technical ContextAI
This vulnerability is classified as Memory Leak (CWE-401), which allows attackers to exhaust available memory leading to denial of service. In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time. Affected products include: Vmware Esxi, Vmware Cloud Foundation, Vmware Workstation, Vmware Fusion. Version information: before 15.1.0.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Ensure all allocated memory is properly freed. Use RAII patterns or garbage-collected languages.
VMware ESXi and Workstation contain a TOCTOU race condition leading to out-of-bounds write, allowing local administrator
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 t
VMware ESXi contains an arbitrary write vulnerability that allows privileged VMX process users to trigger kernel writes,
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability via HGFS out-of-bounds read, allowi
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. Rated critical severity (CVSS 9.8),
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used
VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services.
The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and
VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi
Same weakness CWE-401 – Memory Leak
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today