CVE-2020-3995 : What You Need to Know

Learn about CVE-2020-3995 affecting VMware ESXi, Workstation, and Fusion due to a memory leak vulnerability in VMCI host drivers, potentially leading to hypervisor memory exhaustion.

VMware ESXi, Workstation, and Fusion are affected by a memory leak vulnerability in the VMCI host drivers, potentially leading to memory resource exhaustion on the hypervisor.

Understanding CVE-2020-3995

A memory leak vulnerability exists in the VMCI host drivers of VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), and Fusion (11.x before 11.1.0).

What is CVE-2020-3995?

The vulnerability allows a malicious actor with access to a virtual machine to trigger a memory leak issue, causing memory resource exhaustion on the hypervisor if the attack is sustained.

The Impact of CVE-2020-3995

The exploitation of this vulnerability could result in memory resource exhaustion on the hypervisor, potentially leading to denial of service or other security compromises.

Technical Details of CVE-2020-3995

The technical aspects of the vulnerability in VMware ESXi, Workstation, and Fusion are as follows:

Vulnerability Description

The VMCI host drivers in VMware hypervisors contain a memory leak vulnerability.

Affected Systems and Versions

        VMware ESXi 6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG
        Workstation 15.x before 15.1.0
        Fusion 11.x before 11.1.0
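
The affected ranges above can be turned into a quick inventory triage. The following is an added example, not code from VMware or from this page's author: the function names, hostnames and inventory layout are hypothetical, and the sample inventory is constructed. ESXi is fixed by patch bulletin rather than by dotted version, so for ESXi the script only reports which bulletin from this page to verify.

```python
import re

# Affected ranges as stated on this page: product -> (affected major line, first fixed version).
FIXED = {
    "workstation": (15, (15, 1, 0)),
    "fusion": (11, (11, 1, 0)),
}
# ESXi release line -> fixing patch bulletin (values taken from this page).
ESXI_BULLETINS = {"6.7": "ESXi670-201908101-SG", "6.5": "ESXi650-202007101-SG"}


def parse_version(text):
    """Return (major, minor, patch) from e.g. '15.0.4 build-0000000', or None."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())


def assess(product, version):
    """Classify one installation against the ranges listed for CVE-2020-3995."""
    product = product.strip().lower()
    parsed = parse_version(version)
    if parsed is None:
        return "unknown: unparseable version"
    if product == "esxi":
        bulletin = ESXI_BULLETINS.get(f"{parsed[0]}.{parsed[1]}")
        if bulletin is None:
            return "not listed"
        return f"verify bulletin {bulletin} or later is installed"
    if product not in FIXED:
        return "unknown: product not covered"
    major, fixed = FIXED[product]
    if parsed[0] != major:
        return "not listed"  # outside the 15.x / 11.x lines this page names
    return "affected" if parsed < fixed else "fixed"


# Constructed inventory: (hostname, product, reported version string).
INVENTORY = [
    ("lab-ws-01", "Workstation", "15.0.4 build-0000000"),
    ("lab-ws-02", "Workstation", "15.1.0"),
    ("mac-dev-07", "Fusion", "11.0.3"),
    ("esx-prod-03", "ESXi", "6.7.0"),
]


def triage(inventory):
    """Map each hostname to its assessment."""
    return {host: assess(product, version) for host, product, version in inventory}
```

A result of "not listed" means only that the release line is absent from the ranges on this page, not that the product has been confirmed unaffected.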

Exploitation Mechanism

A malicious actor can exploit the vulnerability by accessing a virtual machine and triggering a memory leak, leading to resource exhaustion on the hypervisor.

Mitigation and Prevention

Steps to address and prevent the CVE-2020-3995 vulnerability:

Immediate Steps to Take

        Apply the necessary security patches provided by VMware.
        Monitor and restrict access to virtual machines to authorized personnel.

Long-Term Security Practices

        Regularly update and patch VMware products to mitigate known vulnerabilities.
        Implement network segmentation and access controls to limit exposure to potential attacks.

Patching and Updates

        VMware has released patches to address the memory leak vulnerability in ESXi, Workstation, and Fusion.
