Denial of Service Vulnerability in VMware ESXi and ESX
CVE-2008-4914

Currently unrated

Key Information:

Vendor: Vmware
Status: Esx; Esxi
Vendor: CVE Published:; 3 February 2009

Summary

A vulnerability exists in VMware ESXi 3.5 and ESX 3.5 that allows local administrators to trigger a denial of service condition. This occurs when a snapshot operation is performed using a malformed VMDK delta disk, leading to a potential host crash. This issue highlights the importance of validating input data used in virtual machine snapshots to prevent service interruptions.

References

http://www.securityfocus.com/bid/33549

vdb-entryx_refsource_BID

http://www.vmware.com/security/advisories/VMSA-2009-0001....

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2009/0301

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Feb 3, 2009
Vulnerability Reserved
Nov 3, 2008