VMware pushed out security updates covering five vulnerabilities that if exploited could lead to information disclosure or a denial of service situation.

The important-rated vulnerabilities are CVE-2019-5540, CVE-2019-5541 and CVE-2019-5542 and impact VMware Workstation Pro / Player and VMware Fusion Pro/Fusion.

  • CVE-2019-5541 covers an out-of-bounds write vulnerability in e1000e virtual network adapter that could lead to lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition on their own VM.
  • CVE-2019-5540 is an information disclosure vulnerability in vmnetdhcp that if abused could allow an attacker on a guest VM to disclose sensitive information by leaking memory from the host process.
  • CVE-2019-5542 refers to a denial-of-service vulnerability in the RPC handler giving attackers with normal user privileges to create a denial-of-service condition on their own VM.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.