CVE Vulnerabilities

CVE-2017-4925

NULL Pointer Dereference

Published: Sep 15, 2017 | Modified: Feb 03, 2022
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Esxi Vmware 5.5 (including) 5.5 (including)
Esxi Vmware 5.5-1 (including) 5.5-1 (including)
Esxi Vmware 5.5-2 (including) 5.5-2 (including)
Esxi Vmware 5.5-3a (including) 5.5-3a (including)
Esxi Vmware 5.5-3b (including) 5.5-3b (including)
Esxi Vmware 5.5-550-20170901001s (including) 5.5-550-20170901001s (including)
Esxi Vmware 6.0 (including) 6.0 (including)
Esxi Vmware 6.0-1 (including) 6.0-1 (including)
Esxi Vmware 6.0-1a (including) 6.0-1a (including)
Esxi Vmware 6.0-1b (including) 6.0-1b (including)
Esxi Vmware 6.0-2 (including) 6.0-2 (including)
Esxi Vmware 6.0-3 (including) 6.0-3 (including)
Esxi Vmware 6.0-3a (including) 6.0-3a (including)
Esxi Vmware 6.0-600-201504401 (including) 6.0-600-201504401 (including)
Esxi Vmware 6.0-600-201505401 (including) 6.0-600-201505401 (including)
Esxi Vmware 6.0-600-201507101 (including) 6.0-600-201507101 (including)
Esxi Vmware 6.0-600-201507102 (including) 6.0-600-201507102 (including)
Esxi Vmware 6.0-600-201507401 (including) 6.0-600-201507401 (including)
Esxi Vmware 6.0-600-201507402 (including) 6.0-600-201507402 (including)
Esxi Vmware 6.0-600-201507403 (including) 6.0-600-201507403 (including)
Esxi Vmware 6.0-600-201507404 (including) 6.0-600-201507404 (including)
Esxi Vmware 6.0-600-201507405 (including) 6.0-600-201507405 (including)
Esxi Vmware 6.0-600-201507406 (including) 6.0-600-201507406 (including)
Esxi Vmware 6.0-600-201507407 (including) 6.0-600-201507407 (including)
Esxi Vmware 6.0-600-201509101 (including) 6.0-600-201509101 (including)
Esxi Vmware 6.0-600-201509102 (including) 6.0-600-201509102 (including)
Esxi Vmware 6.0-600-201509201 (including) 6.0-600-201509201 (including)
Esxi Vmware 6.0-600-201509202 (including) 6.0-600-201509202 (including)
Esxi Vmware 6.0-600-201509203 (including) 6.0-600-201509203 (including)
Esxi Vmware 6.0-600-201509204 (including) 6.0-600-201509204 (including)
Esxi Vmware 6.0-600-201509205 (including) 6.0-600-201509205 (including)
Esxi Vmware 6.0-600-201509206 (including) 6.0-600-201509206 (including)
Esxi Vmware 6.0-600-201509207 (including) 6.0-600-201509207 (including)
Esxi Vmware 6.0-600-201509208 (including) 6.0-600-201509208 (including)
Esxi Vmware 6.0-600-201509209 (including) 6.0-600-201509209 (including)
Esxi Vmware 6.0-600-201509210 (including) 6.0-600-201509210 (including)
Esxi Vmware 6.0-600-201510401 (including) 6.0-600-201510401 (including)
Esxi Vmware 6.0-600-201511401 (including) 6.0-600-201511401 (including)
Esxi Vmware 6.0-600-201601101 (including) 6.0-600-201601101 (including)
Esxi Vmware 6.0-600-201601102 (including) 6.0-600-201601102 (including)
Esxi Vmware 6.0-600-201601401 (including) 6.0-600-201601401 (including)
Esxi Vmware 6.0-600-201601402 (including) 6.0-600-201601402 (including)
Esxi Vmware 6.0-600-201601403 (including) 6.0-600-201601403 (including)
Esxi Vmware 6.0-600-201601404 (including) 6.0-600-201601404 (including)
Esxi Vmware 6.0-600-201601405 (including) 6.0-600-201601405 (including)
Esxi Vmware 6.0-600-201602401 (including) 6.0-600-201602401 (including)
Esxi Vmware 6.0-600-201603101 (including) 6.0-600-201603101 (including)
Esxi Vmware 6.0-600-201603102 (including) 6.0-600-201603102 (including)
Esxi Vmware 6.0-600-201603201 (including) 6.0-600-201603201 (including)
Esxi Vmware 6.0-600-201603202 (including) 6.0-600-201603202 (including)
Esxi Vmware 6.0-600-201603203 (including) 6.0-600-201603203 (including)
Esxi Vmware 6.0-600-201603204 (including) 6.0-600-201603204 (including)
Esxi Vmware 6.0-600-201603205 (including) 6.0-600-201603205 (including)
Esxi Vmware 6.0-600-201603206 (including) 6.0-600-201603206 (including)
Esxi Vmware 6.0-600-201603207 (including) 6.0-600-201603207 (including)
Esxi Vmware 6.0-600-201603208 (including) 6.0-600-201603208 (including)
Esxi Vmware 6.0-600-201605401 (including) 6.0-600-201605401 (including)
Esxi Vmware 6.0-600-201608101 (including) 6.0-600-201608101 (including)
Esxi Vmware 6.0-600-201608401 (including) 6.0-600-201608401 (including)
Esxi Vmware 6.0-600-201608402 (including) 6.0-600-201608402 (including)
Esxi Vmware 6.0-600-201608403 (including) 6.0-600-201608403 (including)
Esxi Vmware 6.0-600-201608404 (including) 6.0-600-201608404 (including)
Esxi Vmware 6.0-600-201608405 (including) 6.0-600-201608405 (including)
Esxi Vmware 6.0-600-201610410 (including) 6.0-600-201610410 (including)
Esxi Vmware 6.0-600-201611401 (including) 6.0-600-201611401 (including)
Esxi Vmware 6.0-600-201611402 (including) 6.0-600-201611402 (including)
Esxi Vmware 6.0-600-201611403 (including) 6.0-600-201611403 (including)
Esxi Vmware 6.0-600-201702101 (including) 6.0-600-201702101 (including)
Esxi Vmware 6.0-600-201702102 (including) 6.0-600-201702102 (including)
Esxi Vmware 6.0-600-201702201 (including) 6.0-600-201702201 (including)
Esxi Vmware 6.0-600-201702202 (including) 6.0-600-201702202 (including)
Esxi Vmware 6.0-600-201702203 (including) 6.0-600-201702203 (including)
Esxi Vmware 6.0-600-201702204 (including) 6.0-600-201702204 (including)
Esxi Vmware 6.0-600-201702205 (including) 6.0-600-201702205 (including)
Esxi Vmware 6.0-600-201702206 (including) 6.0-600-201702206 (including)
Esxi Vmware 6.0-600-201702207 (including) 6.0-600-201702207 (including)
Esxi Vmware 6.0-600-201702208 (including) 6.0-600-201702208 (including)
Esxi Vmware 6.0-600-201702209 (including) 6.0-600-201702209 (including)
Esxi Vmware 6.0-600-201702210 (including) 6.0-600-201702210 (including)
Esxi Vmware 6.0-600-201702211 (including) 6.0-600-201702211 (including)
Esxi Vmware 6.0-600-201702212 (including) 6.0-600-201702212 (including)
Esxi Vmware 6.0-600-201703401 (including) 6.0-600-201703401 (including)
Esxi Vmware 6.5 (including) 6.5 (including)
Esxi Vmware 6.5-650-201701001 (including) 6.5-650-201701001 (including)
Esxi Vmware 6.5-650-201703001 (including) 6.5-650-201703001 (including)
Esxi Vmware 6.5-650-201703002 (including) 6.5-650-201703002 (including)
Esxi Vmware 6.5-650-201704001 (including) 6.5-650-201704001 (including)

Potential Mitigations

References