E1000 NIC Out of Bounds Write Vulnerability
E1000 Device Out of Bounds Write Vulnerability
VMware has detect vulnerability on some products against E1000 NIC. The issue may allow a guest to execute code on the host. If you have any running virtual machine on VMware Workstation 14.x and Fusion 10.x, you must stop them and apply patch to the mentioned products before running any other virtual machine.
Hopefully, ESXi has not affected by this vulnerability.
| VMware Product | Product Version | Running on | Severity | Replace with or Apply Patch | Mitigation or Workaround |
| ESXi | Any | Any | N/A | Not Affected | None |
| Workstation | 14.x | Any | Critical | 14.1.3 | None |
| Fusion | 10.x | OS X | Critical | 10.1.3 | None |
VMware Workstation Pro 14.1.3
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://docs.vmware.com/en/VMware-Workstation-Pro/index.html
VMware Workstation Player 14.1.3
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer
https://docs.vmware.com/en/VMware-Workstation-Player/index.html
VMware Fusion Pro / Fusion 10.1.3
Downloads and Documentation:
https://www.vmware.com/go/downloadfusion
https://docs.vmware.com/en/VMware-Fusion/index.html
More on Teimouri.Net
VMware Tools Client – Interact with a VM without Network Connectivity
[Review]: What’s Remote Direct Memory Access(RDMA)?
Add existing virtual desktops to “Automated Pool” in VMware View manually
Update VMware Tools Automatically
[Download]: Critical HPE Servers ROM Update – Spectre Vulnerability
