E1000 NIC Out of Bounds Write Vulnerability

by · Published · Updated

E1000 Device Out of Bounds Write Vulnerability

VMware has detect vulnerability on some products against E1000 NIC. The issue may allow a guest to execute code on the host. If you have any running virtual machine on VMware Workstation 14.x and Fusion 10.x, you must stop them and apply patch to the mentioned products before running any other virtual machine.

Hopefully, ESXi has not affected by this vulnerability.

VMware Product Product Version Running on Severity Replace with or Apply Patch Mitigation or Workaround
ESXi Any Any N/A Not Affected None
Workstation 14.x Any Critical 14.1.3 None
Fusion 10.x OS X Critical 10.1.3 None

VMware Workstation Pro 14.1.3
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://docs.vmware.com/en/VMware-Workstation-Pro/index.html

 

VMware Workstation Player 14.1.3
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer
https://docs.vmware.com/en/VMware-Workstation-Player/index.html

VMware Fusion Pro / Fusion 10.1.3
Downloads and Documentation:
https://www.vmware.com/go/downloadfusion
https://docs.vmware.com/en/VMware-Fusion/index.html

More on Teimouri.Net

VMware Tools Client – Interact with a VM without Network Connectivity

[Review]: What’s Remote Direct Memory Access(RDMA)?

Add existing virtual desktops to “Automated Pool” in VMware View manually

Update VMware Tools Automatically

[Download]: Critical HPE Servers ROM Update – Spectre Vulnerability

Davoud Teimouri

Professional blogger, vExpert 2015/2016/2017/2018/2019/2020/2021/2022/2023, vExpert NSX, vExpert PRO, vExpert Security, vExpert EUC, VCA, MCITP. This blog is started with simple posts and now, it has large following readers.

Leave a Reply

Your email address will not be published. Required fields are marked *