VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)

description-logoDescription

The vulnerabilities in the following products could cause the system to become vulnerable to malicious security attack: VMware Player

Analysis

Intel has disclosed details on speculative-execution vulnerabilities known collectively as Microarchitectural Data Sampling (MDS)' that can occur on Intel microarchitecture prior to 2nd Generation Intel Xeon Scalable Processors (formerly known as Cascade Lake). These issues may allow a malicious user who can locally execute code on a system to infer data otherwise protected by architectural mechanisms.

affected-products-logoAffected Applications

VMware Player