VMware Security Advisory 2018-0012.1 - VMware vSphere, Workstation and Fusion updates enable Hypervisor- Assisted Guest Mitigations for Speculative Store Bypass issue. The mitigations in this advisory are categorized as Hypervisor- Assisted Guest Mitigations described by VMware Knowledge Base article 54951. KB54951 also covers CVE-2018-3640 mitigations which do not require VMware product updates.
b7454f0cda78e28fc6b7444ae9be5bdd987d9eaf72ed3ac3ad092d94850944f6
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2018-0012.1
Severity: Moderate
Synopsis: VMware vSphere, Workstation and Fusion updates enable
Hypervisor-Assisted Guest Mitigations for Speculative Store
Bypass issue
Issue date: 2018-05-21
Updated on: 2018-06-28
CVE number: CVE-2018-3639
1. Summary
VMware vSphere, Workstation and Fusion updates enable Hypervisor-
Assisted Guest Mitigations for Speculative Store Bypass issue.
The mitigations in this advisory are categorized as Hypervisor-
Assisted Guest Mitigations described by VMware Knowledge Base article
54951. KB54951 also covers CVE-2018-3640 mitigations which do not
require VMware product updates.
2. Relevant Products
VMware vCenter Server (VC)
VMware vSphere ESXi (ESXi)
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion)
3. Problem Description
vCenter Server, ESXi, Workstation, and Fusion update speculative
execution control mechanism for Virtual Machines (VMs). As a result,
a patched Guest Operating System (GOS) can remediate the Speculative
Store bypass issue (CVE-2018-3639) using the Speculative-Store-
Bypass-Disable (SSBD) control bit. This issue may allow for
information disclosure in applications and/or execution runtimes
which rely on managed code security mechanisms. Based on current
evaluations, we do not believe that CVE-2018-3639 could allow for VM
to VM or Hypervisor to VM Information disclosure.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2018-3639 to this issue.
Column 5 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/ Mitigation/
Product Version on Severity Apply Patch Workaround
=========== ======= ======= ======== ==================== ==========
VC 6.7 Any Moderate 6.7.0b * None
VC 6.5 Any Moderate 6.5 U2b * None
VC 6.0 Any Moderate 6.0 U3f * None
VC 5.5 Any Moderate 5.5 U3i * None
ESXi 6.7 Any Moderate ESXi670-201806401-BG * None
ESXi670-201806402-BG **
ESXi 6.5 Any Moderate ESXi650-201806401-BG * None
ESXi650-201806402-BG **
ESXi 6.0 Any Moderate ESXi600-201806401-BG * None
ESXi600-201806402-BG **
ESXi 5.5 Any Moderate ESXi550-201806401-BG * None
ESXi550-201806402-BG **
Workstation 14.x Any Moderate 14.1.2 * None
Fusion 10.x OSX Moderate 10.1.2 * None
* There are additional VMware and 3rd party requirements for
CVE-2018-3639 mitigation beyond applying these updates. Please
see VMware Knowledge Base article 55111 for details.
** If available, these ESXi patches apply the required microcode
updates. The included microcode updates are documented in the
VMware Knowledge Base articles listed in the Solution section.
4. Solution
Please review the patch/release notes for your product and
version and verify the checksum of your downloaded file.
vCenter Server 6.7.0b
Downloads:
https://my.vmware.com/web/vmware/details?downloadGroup=VC670B&productId=742
&rPId=24511
Documentation:
https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-670
b-release-notes.html
vCenter Server 6.5 U2b
Downloads:
https://my.vmware.com/web/vmware/details?downloadGroup=VC65U2B&productId=61
4&rPId=24437
Documentation:
https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u
2b-release-notes.html
vCenter Server 6.0 U3f
Downloads:
https://my.vmware.com/web/vmware/details?downloadGroup=VC60U3F&productId=49
1&rPId=24398
Documentation:
https://docs.vmware.com/en/VMware-vSphere/6.0/rn/vsphere-vcenter-server-60u
3f-release-notes.html
vCenter Server 5.5 U3i
Downloads:
https://my.vmware.com/web/vmware/details?downloadGroup=VC55U3I&productId=35
3&rPId=24327
Documentation:
https://docs.vmware.com/en/VMware-vSphere/5.5/rn/vsphere-vcenter-server-55u
3i-release-notes.html
VMware ESXi 6.7
Downloads:
https://my.vmware.com/group/vmware/patch
Documentation:
https://kb.vmware.com/kb/55920
https://kb.vmware.com/kb/55921 (microcode)
VMware ESXi 6.5
Downloads:
https://my.vmware.com/group/vmware/patch
Documentation:
https://kb.vmware.com/kb/55915
https://kb.vmware.com/kb/55916 (microcode)
VMware ESXi 6.0
Downloads:
https://my.vmware.com/group/vmware/patch
Documentation:
https://kb.vmware.com/kb/55910
https://kb.vmware.com/kb/55911 (microcode)
VMware ESXi 5.5
Downloads:
https://my.vmware.com/group/vmware/patch
Documentation:
https://kb.vmware.com/kb/55905
https://kb.vmware.com/kb/55906 (microcode)
VMware Workstation Pro, Player 14.1.2
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://www.vmware.com/go/downloadplayer
VMware Fusion Pro / Fusion 10.1.2
Downloads and Documentation:
https://www.vmware.com/go/downloadfusion
5. References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639
https://kb.vmware.com/kb/54951
https://kb.vmware.com/kb/55111
- ------------------------------------------------------------------------
6. Change log
2018-05-21: VMSA-2018-0012
Initial security advisory in conjunction with the release
of Workstation 14.1.2 and Fusion 10.1.2 on 2018-05-21.
2018-06-28: VMSA-2018-0012.1
Updated security advisory in conjunction with the release of vCenter
Server 5.5 U3i, 6.0 U3f, 6.5 U2b, 6.7.0b and ESXi 5.5 - 6.7 patches
on 2018-06-28.
- ------------------------------------------------------------------------
7. Contact
E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com
PGP key at: https://kb.vmware.com/kb/1055
VMware Security Advisories
https://www.vmware.com/security/advisories
VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
VMware Security & Compliance Blog
https://blogs.vmware.com/security
Twitter
https://twitter.com/VMwareSRC
Copyright 2018 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8
wj8DBQFbNaFeDEcm8Vbi9kMRAn4NAJ42HgDjfXkcTVfDupwE4KPdPVsf7wCcDaLy
aN23XiAmhvFSxcQ5GnJR0ls=
=frKv
-----END PGP SIGNATURE-----