High
A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine.
A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker’s control must be present for exploitation to be possible.
A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine’s vmx process leading to a partial denial of service condition.
A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker’s control must be present for exploitation to be possible.
A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine’s vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker’s control must be present for exploitation to be possible.
A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker’s control must be present for exploitation to be possible.
A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
A malicious actor with local access to a virtual machine may be able to read privileged information contained in the hypervisor’s memory. Additional conditions beyond the attacker’s control need to be present for exploitation to be possible.
A malicious actor with local access to a virtual machine may be able to read privileged information contained in physical memory.
A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.
VMware
Refer to VMware advisory for the list of upgraded patches and complete list of affected products.
https://www.vmware.com/security/advisories/VMSA-2020-0015.html