6 Replies Latest reply on Jan 10, 2018 12:23 AM by BenediktFrenzel

    CVE-2017-5753 Patch for 5.5?

    kmzimm Enthusiast

      According to the VMSA-2018-0002 release, the patch for ESXi 5.5 " has remediation against CVE-2017-5715 but not against CVE-2017-5753.", with no further information offered.


      So, that raises two questions:


      1. Is ESXi 5.5 vulnerable to CVE-2017-5753 (seems likely)?

      2. Is an additional patch forthcoming?

        • 1. Re: CVE-2017-5753 Patch for 5.5?
          DeepakNegi420 Enthusiast

          VMware published the advisory board with two of the three CV from two (CVE-2017-5715 & CVE-2017-5753 no information for CVE-2017-5754)


          refer to the VMware advisory link - VMSA-2018-0002 which addresses

          CVE-2017-5715 - Addressed & CVE-2017-5753 - Not addressed

          An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

          CVE-2017-5754 - No information published by VMware

          relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. Researchers have called this exploit "Meltdown".  Subsequent memory accesses may cause an allocation into the L1 data cache even when they reference otherwise inaccessible memory locations. As a result, an unprivileged local attacker could read privileged (kernel space) memory (including arbitrary physical memory locations on a host) by conducting targeted cache side-channel attacks.

          They have not provided any information on legacy VMware version prior to 5.1, pretty sure they are also affected. Let's wait for their next release.


          Best to follow this thread - Intel CPU bug - VMware fix on the way?

          • 2. Re: CVE-2017-5753 Patch for 5.5?

            see below Link....








            • 3. Re: CVE-2017-5753 Patch for 5.5?
              dlarocca Lurker

              Anyone have new updates on this?


              I have read the Vmware article VMSA-2018-0002  however I am still in need of clarification if 5.5 will get patch for CVE-2017-5753. Right now the article is saying only 6 and 6.5 will be patch for CVE-2017-5753.


              Also looking for information related to CVE-2017-5754





              • 4. Re: CVE-2017-5753 Patch for 5.5?
                ksram Enthusiast
                VMware Employees

                Read: VMSA-2018-0004  for further availability of the fixes on 5.5.

                As far as CVE-2017-5754 is concerned as per the blog at VMSA-2018-0002 - VMware Security & Compliance Blog - VMware Blogs,  It does not affect ESXi, Workstation, and Fusion because ESXi does not run un-trusted user mode code, and Workstation and Fusion rely on the protection that the underlying operating system provides.

                • 5. Re: CVE-2017-5753 Patch for 5.5?
                  JimKnopf99 Master

                  Patch is available now.


                  Advisory ID: VMSA-2018-0002.1

                  Severity:    Important

                  Synopsis:    VMware ESXi, Workstation and Fusion updates address

                               side-channel analysis due to speculative execution.

                  Issue date:  2018-01-03

                  Updated on:  2018-01-09

                  CVE number:  CVE-2017-5753, CVE-2017-5715

                  • 6. Re: CVE-2017-5753 Patch for 5.5?
                    BenediktFrenzel Enthusiast
                    VMware Employees

                    Hi kmzimm


                    You may want to see: VMware Knowledge Base - Hypervisor-Assisted Guest Mitigation for branch target injection (52085)


                    - Benedikt