VMSA-2018-0012:VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.

20 May 2018

CLOSED

MEDIUM

CVE-2018-3639

VMSA-2018-0012.1

VMware Security Advisory

Advisory ID: VMSA-2018-0012.1
Severity: Moderate
Synopsis: VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.
Issue date: 2018-05-21
Updated on: 2018-06-28
CVE numbers: CVE-2018-3639

1. Summary

VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.

 

The mitigations in this advisory are categorized as Hypervisor-Assisted Guest Mitigations described by VMware Knowledge Base article 54951. KB54951 also covers CVE-2018-3640 mitigations which do not require VMware product updates.

 
2. Relevant Products
  • VMware vCenter Server (VC)
  • VMware vSphere ESXi (ESXi)
  • VMware Workstation Pro / Player (Workstation)
  • VMware Fusion Pro / Fusion (Fusion)   
 
3. Problem Description

vCenter Server, ESXi, Workstation, and Fusion update the speculative execution control mechanism for Virtual Machines (VMs). As a result, a patched Guest Operating System (GOS) can remediate the Speculative Store Bypass issue (CVE-2018-3639) using the Speculative-Store-Bypass-Disable (SSBD) control bit. This issue may allow for information disclosure in applications and/or execution runtimes which rely on managed code security mechanisms. Based on current evaluations, we do not believe that CVE-2018-3639 could allow for VM-to-VM or Hypervisor-to-VM information disclosure.

 

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2018-3639 to this issue.

 

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

| VMware Product | Product Version | Running on | Severity | Replace with/ Apply Patch | Mitigation/ Workaround |
|---|---|---|---|---|---|
| VC | 6.7 | Any | Moderate | 6.7.0b* | None |
| VC | 6.5 | Any | Moderate | 6.5 U2b* | None |
| VC | 6.0 | Any | Moderate | 6.0 U3f* | None |
| VC | 5.5 | Any | Moderate | 5.5 U3i* | None |
| ESXi | 6.7 | Any | Moderate | ESXi670-201806401-BG* ESXi670-201806402-BG** | None |
| ESXi | 6.5 | Any | Moderate | ESXi650-201806401-BG* ESXi650-201806402-BG** | None |
| ESXi | 6.0 | Any | Moderate | ESXi600-201806401-BG* ESXi600-201806402-BG** | None |
| ESXi | 5.5 | Any | Moderate | ESXi550-201806401-BG* ESXi550-201806402-BG** | None |
| Workstation | 14.x | Any | Moderate | 14.1.2* | None |
| Fusion | 10.x | Any | Moderate | 10.1.2* | None |

* There are additional VMware and 3rd party requirements for CVE-2018-3639 mitigation beyond applying these updates. Please see VMware Knowledge Base article 55111 for details.
 ** If available, these ESXi patches apply the required microcode updates. The included microcode updates are documented in the VMware Knowledge Base articles listed in the Solution section.
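
A guest-side check for the state described in the problem description, as an added example that is not part of VMware's advisory: it classifies what a Linux guest kernel reports about CVE-2018-3639 and whether the virtual CPU shows the ssbd flag. The Linux x86 guest, the two kernel paths, the result labels and the sample strings are assumptions of this example.

```python
from pathlib import Path

# Kernel interfaces on a Linux guest (assumption: x86 guest, kernel with SSB reporting).
CPUINFO = Path("/proc/cpuinfo")
SSB_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/spec_store_bypass")

# Constructed sample input, trimmed to the relevant flags.
SAMPLE_EXPOSED = "processor\t: 0\nflags\t\t: fpu sse2 ibrs ibpb stibp ssbd\n"
SAMPLE_HIDDEN = "processor\t: 0\nflags\t\t: fpu sse2 ibrs ibpb stibp\n"


def cpu_flags(cpuinfo_text):
    """Return the feature flags present on every logical CPU in the text."""
    per_cpu = [set(line.split(":", 1)[1].split())
               for line in cpuinfo_text.splitlines()
               if line.startswith("flags")]
    return set.intersection(*per_cpu) if per_cpu else set()


def assess(cpuinfo_text, sysfs_text):
    """Classify the guest's CVE-2018-3639 state from the kernel's own reports."""
    status = (sysfs_text or "").strip()
    if not status:
        return "kernel-lacks-ssb-reporting"   # no sysfs entry: guest kernel not updated
    if status.startswith("Not affected"):
        return "not-affected"
    if status.startswith("Mitigation"):
        return "mitigation-available"         # kernel reports an SSB mitigation
    if "ssbd" not in cpu_flags(cpuinfo_text):
        return "ssbd-not-exposed"             # updated guest, but vCPU lacks SSBD
    return "ssbd-exposed-but-unused"          # e.g. mitigation disabled by boot option


def read_or_none(path):
    """Read a kernel file, returning None when it does not exist."""
    try:
        return path.read_text()
    except OSError:
        return None


if __name__ == "__main__":
    live = read_or_none(CPUINFO)
    if live is None:                          # not on Linux: fall back to the sample
        print(assess(SAMPLE_HIDDEN, "Vulnerable\n"))
    else:
        print(assess(live, read_or_none(SSB_SYSFS)))
```

A result of ssbd-not-exposed on an updated guest points back to the host-side requirements referenced in the footnotes above (product update, microcode, and the additional requirements in Knowledge Base article 55111).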

 

4. Solution

 

Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.

 

vCenter Server 6.7.0b
Downloads:

https://my.vmware.com/web/vmware/details?downloadGroup=VC670B&productId=742&rPId=24511

Documentation:
https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-670b-release-notes.html

 

vCenter Server 6.5 U2b
Downloads:

https://my.vmware.com/web/vmware/details?downloadGroup=VC65U2B&productId=614&rPId=24437

Documentation:
https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u2b-release-notes.html

 

vCenter Server 6.0 U3f
Downloads:

https://my.vmware.com/web/vmware/details?downloadGroup=VC60U3F&productId=491&rPId=24398

Documentation:
https://docs.vmware.com/en/VMware-vSphere/6.0/rn/vsphere-vcenter-server-60u3f-release-notes.html

 

vCenter Server 5.5 U3i
Downloads:

https://my.vmware.com/web/vmware/details?downloadGroup=VC55U3I&productId=353&rPId=24327

Documentation:
https://docs.vmware.com/en/VMware-vSphere/5.5/rn/vsphere-vcenter-server-55u3i-release-notes.html

 

VMware ESXi 6.7
Downloads:
https://my.vmware.com/group/vmware/patch
Documentation:
https://kb.vmware.com/kb/55920
https://kb.vmware.com/kb/55921 (microcode)

 

VMware ESXi 6.5
Downloads:
https://my.vmware.com/group/vmware/patch
Documentation:
https://kb.vmware.com/kb/55915
https://kb.vmware.com/kb/55916 (microcode)

 

VMware ESXi 6.0
Downloads:
https://my.vmware.com/group/vmware/patch
Documentation:
https://kb.vmware.com/kb/55910
https://kb.vmware.com/kb/55911 (microcode)

 

VMware ESXi 5.5
Downloads:
https://my.vmware.com/group/vmware/patch
Documentation:
https://kb.vmware.com/kb/55905
https://kb.vmware.com/kb/55906 (microcode)

 

VMware Workstation Pro, Player 14.1.2

Downloads and Documentation:

https://www.vmware.com/go/downloadworkstation
https://www.vmware.com/go/downloadplayer

 

VMware Fusion Pro / Fusion 10.1.2

Downloads and Documentation:

https://www.vmware.com/go/downloadfusion
 

6. Change log

 

2018-05-21: VMSA-2018-0012

Initial security advisory in conjunction with the release of Workstation 14.1.2 and Fusion 10.1.2 on 2018-05-21.

 

2018-06-28: VMSA-2018-0012.1
Updated security advisory in conjunction with the release of vCenter Server 5.5 U3i, 6.0 U3f, 6.5 U2b, 6.7.0b and ESXi 5.5 - 6.7 patches on 2018-06-28.

 

7. Contact

 

E-mail list for product security notifications and announcements:

http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

 

This Security Advisory is posted to the following lists:

  [email protected]

  [email protected]

  [email protected]

 

E-mail: [email protected]

PGP key at:

https://kb.vmware.com/kb/1055

 

VMware Security Advisories

http://www.vmware.com/security/advisories

 

VMware Security Response Policy

https://www.vmware.com/support/policies/security_response.html

 

VMware Lifecycle Support Phases

https://www.vmware.com/support/policies/lifecycle.html

 

VMware Security & Compliance Blog  

https://blogs.vmware.com/security

 

Twitter

https://twitter.com/VMwareSRC

 

Copyright 2018 VMware Inc. All rights reserved.