VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)
Description
The vulnerabilities in the following products could cause the system to become vulnerable to malicious security attack: VMware Player
Analysis
Intel has disclosed details on speculative-execution vulnerabilities known collectively as Microarchitectural Data Sampling (MDS)' that can occur on Intel microarchitecture prior to 2nd Generation Intel Xeon Scalable Processors (formerly known as Cascade Lake). These issues may allow a malicious user who can locally execute code on a system to infer data otherwise protected by architectural mechanisms.Affected Applications
VMware Player