CVE-2017-4903

Published: Jun 7, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.

Vendor	Product	Versions
VMware	ESXi	affected `6.5 without patch ESXi650-201703410-SG` affected `6.0 U3 without patch ESXi600-201703401-SG` affected `6.0 U2 without patch ESXi600-201703403-SG` affected `6.0 U1 without patch ESXi600-201703402-SG` affected `5.5 without patch ESXi550-201703401-SG`
VMware	Workstation Pro / Player	affected `12.x prior to 12.5.5`
VMware	Fusion Pro / Fusion	affected `8.x prior to 8.5.6`