Today, VMware has released the following new security advisory:
“VMSA-2018-0017 – VMware Tools update addresses an out-of-bounds read vulnerability”
This documents the remediation of an important severity out-of-bounds read vulnerability (CVE-2018-6969) in VMware Tools. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. File sharing must be enabled to be able to exploit this issue.
VMware Tools 10.x and prior versions are affected. This issue has been addressed in VMware Tools 10.3.0.
We would like to thank Anurudh for reporting this issue to us.
Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.
Customers should review the security advisories and direct any questions to VMware Support.