tjw4l5h
Contributor
Contributor

Is USB 3.1 (xHCI) Controller Affected in CVE-2022-31705 (VMSA-2022-0033)

Two main questions based on the article here: https://www.vmware.com/security/advisories/VMSA-2022-0033.html.

  1. Is the USB 3.1 (xHCI) Controller affected?  The article only lists the USB 2.0 (EHCI) Controller, however the script they provide to remove it will remove all USB Controller versions.   We have hundreds of VMs with the USB 3.1 (xHCI) Controller and only a few using the 2.0 Controller.

2. Are the ESXi 6.7 and 6.5 OSes affected as well?  The article only mentions ESXi 8.0 and 7.0 and are not sure if the older versions are not listed because they are no longer supported by VMware.

Labels (3)
0 Kudos
1 Reply
scott28tt
VMware Employee
VMware Employee

As your post needs moving to the area for ESXi, I have reported it to the volunteer moderators.

 


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
0 Kudos