VMware Workstation and Fusion: Critical Security Flaws Fixed

Rohan Timalsina

May 30, 2024 - TuxCare expert team

VMware has fixed four security vulnerabilities in its Workstation and Fusion desktop hypervisors. All four require a foothold inside a guest virtual machine; from there an attacker could crash the VM (denial of service), read hypervisor memory, or, in the worst case, execute code on the host. The affected versions are Workstation 17.x and Fusion 13.x; patches are available in Workstation 17.5.2 and Fusion 13.5.2.

Vulnerabilities in VMware Workstation and Fusion

CVE-2024-22267 (CVSS score: 9.3): A use-after-free vulnerability in the vbluetooth device. An attacker with local administrative privileges inside a virtual machine can exploit it to execute code as the VM's VMX process on the host, i.e. a guest-to-host escape. The high CVSS score reflects that impact and the urgency of applying the patch.

CVE-2024-22268 (CVSS score: 7.1): A heap buffer-overflow vulnerability in the Shader functionality. An attacker with non-administrative access to a virtual machine can trigger it to crash the VM (a denial-of-service condition). The virtual machine must have 3D graphics enabled for the flaw to be reachable.

CVE-2024-22269 (CVSS score: 7.1): An information disclosure vulnerability in the vbluetooth device. An attacker with local administrative privileges inside a virtual machine can exploit it to read privileged information from hypervisor memory.

CVE-2024-22270 (CVSS score: 7.1): Another information disclosure vulnerability, this one in the Host Guest File Sharing (HGFS) functionality. Like CVE-2024-22269, it allows an attacker with local administrative privileges on a VM to read privileged information from hypervisor memory.

Mitigations and Recommendations

To safeguard systems against these vulnerabilities, VMware users should update promptly to Workstation 17.5.2 or Fusion 13.5.2. Updating is the only complete fix; the workarounds below reduce exposure but do not remove the underlying bugs.

Temporary Workarounds (until you patch):

Disable Bluetooth support: Remove the Bluetooth controller from the virtual machine (in Workstation and Fusion, uncheck the option that shares Bluetooth devices with the VM). This removes the vbluetooth attack surface used by CVE-2024-22267 and CVE-2024-22269.

Disable 3D acceleration: Turn off the 3D acceleration feature for the VM if it is not needed. This removes the Shader code path behind the denial of service in CVE-2024-22268.

Note that there is no workaround for CVE-2024-22270; the only remedy is updating to the fixed version.
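The version check and the two workarounds above, as an added example that is not part of the article or of VMware's own tooling. The script parses the `key = "value"` lines of a Workstation/Fusion .vmx file, reports whether Bluetooth sharing or 3D acceleration is enabled, rewrites both settings to FALSE, and compares a product version banner against the fixed releases. The key names `usb.vbluetooth.startConnected` and `mks.enable3d` are an assumption based on the keys the products write when the corresponding GUI option is on (confirm them on your own VMs), the banner format is the one `vmware -v` prints on a Linux host (Fusion shows its version in the About dialog), and the sample .vmx content is constructed.

```python
"""Audit VMware Workstation/Fusion .vmx files for the two workaround
settings described in the advisory (Bluetooth sharing, 3D acceleration)
and check whether an installed product version already carries the fix.

Added example for this article; it is not VMware's code. The .vmx key
names are an assumption based on the keys Workstation and Fusion write
when the corresponding GUI option is enabled; confirm them on your VMs.
"""
import re

# Fixed versions named in the article: Workstation 17.5.2, Fusion 13.5.2.
FIXED_VERSIONS = {"Workstation": (17, 5, 2), "Fusion": (13, 5, 2)}

# .vmx keys that expose the affected virtual devices (assumed key names).
RISKY_KEYS = {
    "usb.vbluetooth.startConnected": ("Bluetooth sharing", "CVE-2024-22267, CVE-2024-22269"),
    "mks.enable3d": ("3D acceleration", "CVE-2024-22268"),
}
_LOWER = {k.lower(): k for k in RISKY_KEYS}
_KV_RE = re.compile(r'^\s*([\w.:\-]+)\s*=\s*"(.*)"\s*$')


def parse_vmx(text: str) -> dict:
    """Parse 'key = "value"' lines; keys are normalised to lower case."""
    cfg = {}
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        m = _KV_RE.match(line)
        if m:
            cfg[m.group(1).lower()] = m.group(2)
    return cfg


def audit_vmx(text: str) -> list:
    """Return [(key, feature, cves)] for each risky feature that is enabled."""
    cfg = parse_vmx(text)
    return [
        (key, feature, cves)
        for key, (feature, cves) in RISKY_KEYS.items()
        if cfg.get(key.lower(), "FALSE").strip().lower() == "true"
    ]


def apply_workarounds(text: str) -> str:
    """Return the .vmx text with both risky keys forced to FALSE.

    Absent keys are appended explicitly so the result does not depend on
    the product's default. Only edit a powered-off VM: the product rewrites
    the .vmx file on power-off and would discard changes made while running.
    """
    out, seen = [], set()
    for line in text.splitlines():
        m = _KV_RE.match(line)
        key = m.group(1).lower() if m else None
        if key in _LOWER:
            out.append(f'{_LOWER[key]} = "FALSE"')
            seen.add(key)
        else:
            out.append(line)
    for key, orig in _LOWER.items():
        if key not in seen:
            out.append(f'{orig} = "FALSE"')
    return "\n".join(out) + "\n"


_BANNER_RE = re.compile(r"VMware (Workstation|Fusion)\D*(\d+)\.(\d+)\.(\d+)")


def is_patched(banner: str):
    """Compare a banner such as 'VMware Workstation 17.5.1 build-N'
    (what `vmware -v` prints on a Linux host) against the fixed versions.

    True/False for the 17.x / 13.x lines the article names; None when the
    banner is unrecognised or the major version is outside that range.
    """
    m = _BANNER_RE.search(banner)
    if not m:
        return None
    product = m.group(1)
    version = tuple(int(x) for x in m.group(2, 3, 4))
    fixed = FIXED_VERSIONS[product]
    if version[0] != fixed[0]:
        return None
    return version >= fixed


# Constructed sample .vmx (not from a real VM) with both features enabled.
SAMPLE_VMX = """.encoding = "UTF-8"
config.version = "8"
virtualHW.version = "21"
displayName = "lab-guest"
mks.enable3d = "TRUE"
usb.present = "TRUE"
usb.vbluetooth.startConnected = "TRUE"
"""

if __name__ == "__main__":
    for key, feature, cves in audit_vmx(SAMPLE_VMX):
        print(f"{feature} enabled via {key}: exposed to {cves}")
    print(apply_workarounds(SAMPLE_VMX))
    print(is_patched("VMware Workstation 17.5.1 build-00000000"))  # constructed banner
```

Run `audit_vmx` over every .vmx under your VM directory to find guests still exposing the vbluetooth or Shader surface, and keep `apply_workarounds` for powered-off VMs only. The version check deliberately returns None for majors outside 17.x/13.x rather than guessing, since the article only states the affected range for those lines.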

Conclusion

The latest advisory warns about vulnerabilities in VMware Workstation and Fusion that could allow an attacker inside a virtual machine to execute code on the host, crash the VM, or read hypervisor memory. They underscore the importance of keeping desktop hypervisors up to date and of treating guest-to-host isolation as a boundary that needs patching like any other. Users are strongly encouraged to apply the fixed versions and, until then, to follow the recommended workarounds to reduce exposure.


The sources for this article include a story from TheHackerNews.
