Multiple processor vulnerabilities in VMware ESXi



Published: 2022-07-13
Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2022-29901
CVE-2022-28693
CVE-2022-23816
CVE-2022-23825
CWE-ID CWE-1037
CWE-843
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		VMware ESXi
Operating systems & Components / Operating system

Vendor VMware, Inc

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65220

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29901

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the way non-transparent sharing of branch predictor targets between contexts. A local user can exploit the vulnerability to gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

VMware ESXi: ESXi70U1b-17168206 - ESXi670-20211104001

CPE2.3 External links

http://www.vmware.com/security/advisories/VMSA-2022-0020.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU65221

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-28693

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to unprotected alternative channel of return branch target prediction. A local user can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

VMware ESXi: ESXi70U1b-17168206 - ESXi670-20211104001

CPE2.3 External links

http://www.vmware.com/security/advisories/VMSA-2022-0020.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Type Confusion

EUVDB-ID: #VU65219

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-23816

CWE-ID: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

VMware ESXi: ESXi70U1b-17168206 - ESXi670-20211104001

CPE2.3 External links

http://www.vmware.com/security/advisories/VMSA-2022-0020.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Type Confusion

EUVDB-ID: #VU65204

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-23825

CWE-ID: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

VMware ESXi: ESXi70U1b-17168206 - ESXi670-20211104001

CPE2.3 External links

http://www.vmware.com/security/advisories/VMSA-2022-0020.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###