CVE-2019-5541

Published: Nov 20, 2019Modified: Nov 21, 2024

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Exploitability: 2.3 / Impact: 6.0

Source: NVD

Description

VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition on their own VM.

Affected (2)

Products: Vmware: Workstation, Fusion

2 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Vmware Workstation	From 15.0.0 to 15.5.1

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Vmware Fusion	From 11.0.0 to 11.5.1

Running on/with	Platform Versions
Apple Mac Os X	All versions

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.vmware.com/security/advisories/VMSA-2019-0021.html

Source: security@vmware.com

PatchVendor Advisory

https://www.vmware.com/security/advisories/VMSA-2019-0021.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.