VMSA-2024-0005:VMware Workstation and Fusion updates address an out-of-bounds read vulnerability (CVE-2024-22251)
24265
11 July 2024
08 May 2024
CLOSED
MEDIUM
5.9
None
CVE-2024-22251
| Advisory ID: | VMSA-2024-0005 |
| Advisory Severity: | Moderate |
| CVSSv3 Range: | 5.9 |
| Synopsis: | VMware Workstation and Fusion updates address an out-of-bounds read vulnerability (CVE-2024-22251) |
| Issue date: | 2024-02-27 |
| Updated on: | 2024-02-27 (Initial Advisory) |
| CVE(s) | CVE-2024-22251 |
1. Impacted Products
- VMware Workstation Pro / Player (Workstation)
- VMware Fusion
2. Introduction
An out-of-bounds read vulnerability in VMware Workstation and Fusion was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products.
3. USB CCID Out-of-bounds read vulnerability (CVE-2024-22251)
Description
VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.9.
Known Attack Vectors
A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure.
Resolution
To remediate CVE-2024-22251 update to the version listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds
None.
Additional Documentation
None
Notes
None.
Acknowledgements
VMware would like to thank Jiaqing Huang (@s0duku) and Hao Zheng (@zhz) From TianGong Team of Legendsec at Qi'anxin Group for reporting this issue to us.
Response Matrix
| Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
|
Workstation
|
17.x
|
Any
|
CVE-2024-22251
|
moderate
|
17.5.1
|
None
|
None
|
|
|
Fusion
|
13.x
|
OS X
|
CVE-2024-22251
|
moderate
|
13.5.1
|
None
|
None
|
4. References
Fixed Version(s) and Release Notes:
Workstation Pro 17.5.1
Downloads and Documentation
https://customerconnect.vmware.com/downloads/info/slug/desktop_end_user_computing/vmware_workstation_pro/17_0
https://docs.vmware.com/en/VMware-Workstation-Pro/17.5.1/rn/vmware-workstation-1751-pro-release-notes/index.html
Fusion 13.5.1
Downloads and Documentation
https://customerconnect.vmware.com/en/downloads/info/slug/desktop_end_user_computing/vmware_fusion/13_0
https://docs.vmware.com/en/VMware-Fusion/13.5.1/rn/vmware-fusion-1351-release-notes/index.html
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22251
FIRST CVSSv3 Calculator:
CVE-2024-22251: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
5. Change Log
2024-02-27 VMSA-2024-0005
Initial security advisory.
6. Contact
E-mail: [email protected]
PGP key at:
https://kb.vmware.com/kb/1055
VMware Security Advisories
https://www.vmware.com/security/advisories
VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
VMware Security & Compliance Blog
https://blogs.vmware.com/security
Twitter
https://twitter.com/VMwareSRC
Copyright 2024 Broadcom. All rights reserved.