Memory Leak Vulnerability in VMware Hypervisors and Workstation
CVE-2020-3995

5.3MEDIUM

Key Information:

Vendor: Vmware
Status: Vmware Esxi, Workstation, Fusion
Vendor: CVE Published:; 20 October 2020

What is CVE-2020-3995?

VMware has identified a memory leak vulnerability within the VMCI host drivers used by its hypervisors, including ESXi and Workstation. This vulnerability allows a malicious actor with access to a virtual machine to induce a memory leak, which over time can lead to memory resource exhaustion on the hypervisor. If exploited, this issue could affect the performance and stability of the virtualization environment, causing a denial of service. It is essential for administrators to apply the latest patches to mitigate potential risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

VMware ESXi, Workstation, Fusion VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0)

References

https://www.vmware.com/security/advisories/VMSA-2020-0023...

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 20, 2020
Vulnerability Reserved
Dec 30, 2019

JSON

Vmware

What is CVE-2020-3995?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.