VYPR
Get started
← All advisories
Medium severity6.5NVD Advisory· Published Nov 17, 2017· Updated May 13, 2026

CVE-2017-4938

CVE-2017-4938

Description

VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.

Affected products

28
  • VMware/Fusion15 versions
    cpe:2.3:a:vmware:fusion:8.0.0:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:vmware:fusion:8.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:fusion:8.5.8:*:*:*:*:*:*:*
    • (no CPE)range: 8.x before 8.5.9
  • VMware/Workstation13 versions
    cpe:2.3:a:vmware:workstation:12.0.0:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:vmware:workstation:12.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:workstation:12.5.7:*:*:*:*:*:*:*
    • (no CPE)range: 12.x before 12.5.8

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.