CVE-2020-3995 - Missing Release of Memory after Effective Lifetime

Severity

53%

Complexity

16%

Confidentiality

60%

In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time.

CVSS 3.1 Base Score 5.3. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVSS 2.0 Base Score 3.5. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P).

Demo Examples

Missing Release of Memory after Effective Lifetime

CWE-401

The following C function leaks a block of allocated memory if the call to read() does not return the expected number of bytes:


               
}

                     
return buf;
return NULL;

                           
return NULL;

Overview

First reported 4 years ago

2020-10-20 17:15:00

Last updated 4 years ago

2020-10-30 15:55:00

Affected Software

VMware Esxi 6.7

6.7

VMware ESXi 6.7 670-201806001

6.7

VMware ESXi 6.7 670-201807001

6.7

VMware ESXi 6.7 670-201808001

6.7

VMware ESXi 6.7 670-201810001

6.7

VMware ESXi 6.7 670-201810101

6.7

VMware ESXi 6.7 670-201810102

6.7

VMware ESXi 6.7 670-201810103

6.7

VMware ESXi 6.7 670-201810201

6.7

VMware ESXi 6.7 670-201810202

6.7

VMware ESXi 6.7 670-201810203

6.7

VMware ESXi 6.7 670-201810204

6.7

VMware ESXi 6.7 670-201810205

6.7

VMware ESXi 6.7 670-201810206

6.7

VMware ESXi 6.7 670-201810207

6.7

VMware ESXi 6.7 670-201810208

6.7

VMware ESXi 6.7 670-201810209

6.7

VMware ESXi 6.7 670-201810210

6.7

VMware ESXi 6.7 670-201810211

6.7

VMware ESXi 6.7 670-201810212

6.7

VMware ESXi 6.7 670-201810213

6.7

VMware ESXi 6.7 670-201810214

6.7

VMware ESXi 6.7 670-201810215

6.7

VMware ESXi 6.7 670-201810216

6.7

VMware ESXi 6.7 670-201810217

6.7

VMware ESXi 6.7 670-201810218

6.7

VMware ESXi 6.7 670-201810219

6.7

VMware ESXi 6.7 670-201810220

6.7

VMware ESXi 6.7 670-201810221

6.7

VMware ESXi 6.7 670-201810222

6.7

VMware ESXi 6.7 670-201810223

6.7

VMware ESXi 6.7 670-201810224

6.7

VMware ESXi 6.7 670-201810225

6.7

VMware ESXi 6.7 670-201810226

6.7

VMware ESXi 6.7 670-201810227

6.7

VMware ESXi 6.7 670-201810228

6.7

VMware ESXi 6.7 670-201810229

6.7

VMware ESXi 6.7 670-201810230

6.7

VMware ESXi 6.7 670-201810231

6.7

VMware ESXi 6.7 670-201810232

6.7

VMware ESXi 6.7 670-201810233

6.7

VMware ESXi 6.7 670-201810234

6.7

VMware ESXi 6.7 670-201811001

6.7

VMware ESXi 6.7 670-201901001

6.7

VMware ESXi 6.7 670-201901401

6.7

VMware ESXi 6.7 670-201901402

6.7

VMware ESXi 6.7 670-201901403

6.7

VMware Esxi 6.7 670-201903001

6.7

VMware Esxi 6.7 670-201904001

6.7

VMware ESXi 6.7 670-201904201

6.7

VMware ESXi 6.7 670-201904201-UG

6.7

VMware ESXi 6.7 670-201904202

6.7

VMware ESXi 6.7 670-201904202-UG

6.7

VMware ESXi 6.7 670-201904203

6.7

VMware ESXi 6.7 670-201904203-UG

6.7

VMware ESXi 6.7 670-201904204

6.7

VMware ESXi 6.7 670-201904204-UG

6.7

VMware ESXi 6.7 670-201904205

6.7

VMware ESXi 6.7 670-201904205-UG

6.7

VMware ESXi 6.7 670-201904206

6.7

VMware ESXi 6.7 670-201904206-UG

6.7

VMware ESXi 6.7 670-201904207

6.7

VMware ESXi 6.7 670-201904207-UG

6.7

VMware ESXi 6.7 670-201904208

6.7

VMware ESXi 6.7 670-201904208-UG

6.7

VMware ESXi 6.7 670-201904209

6.7

VMware ESXi 6.7 670-201904209-UG

6.7

VMware ESXi 6.7 670-201904210

6.7

VMware ESXi 6.7 670-201904210-UG

6.7

VMware ESXi 6.7 670-201904211

6.7

VMware ESXi 6.7 670-201904211-UG

6.7

VMware ESXi 6.7 670-201904212

6.7

VMware ESXi 6.7 670-201904212-UG

6.7

VMware ESXi 6.7 670-201904213

6.7

VMware ESXi 6.7 670-201904213-UG

6.7

VMware ESXi 6.7 670-201904214

6.7

VMware ESXi 6.7 670-201904214-UG

6.7

VMware ESXi 6.7 670-201904215

6.7

VMware ESXi 6.7 670-201904215-UG

6.7

VMware ESXi 6.7 670-201904216

6.7

VMware ESXi 6.7 670-201904216-UG

6.7

VMware ESXi 6.7 670-201904217

6.7

VMware ESXi 6.7 670-201904217-UG

6.7

VMware ESXi 6.7 670-201904218

6.7

VMware ESXi 6.7 670-201904218-UG

6.7

VMware ESXi 6.7 670-201904219

6.7

VMware ESXi 6.7 670-201904219-UG

6.7

VMware ESXi 6.7 670-201904220

6.7

VMware ESXi 6.7 670-201904220-UG

6.7

VMware ESXi 6.7 670-201904221

6.7

VMware ESXi 6.7 670-201904221-UG

6.7

VMware ESXi 6.7 670-201904222

6.7

VMware ESXi 6.7 670-201904222-UG

6.7

VMware ESXi 6.7 670-201904223

6.7

VMware ESXi 6.7 670-201904223-UG

6.7

VMware ESXi 6.7 670-201904224

6.7

VMware ESXi 6.7 670-201904224-UG

6.7

VMware ESXi 6.7 670-201904225

6.7

VMware ESXi 6.7 670-201904225-UG

6.7

VMware ESXi 6.7 670-201904226

6.7

VMware ESXi 6.7 670-201904226-UG

6.7

VMware ESXi 6.7 670-201904227

6.7

VMware ESXi 6.7 670-201904227-UG

6.7

VMware ESXi 6.7 670-201904228

6.7

VMware ESXi 6.7 670-201904228-UG

6.7

VMware ESXi 6.7 670-201904229

6.7

VMware ESXi 6.7 670-201904229-UG

6.7

VMware Esxi 6.7 670-201905001

6.7

VMware Esxi 6.7 670-201906002

6.7

VMware Esxi 6.7 670-201908101

6.7

VMware Esxi 6.5

6.5

Vmware ESXi 6.5 2

6.5

VMware ESXi 6.5 650-201701001

6.5

VMware ESXi 6.5 650-201703001

6.5

VMware ESXi 6.5 650-201703002

6.5

VMware ESXi 6.5 650-201704001

6.5

VMware ESXi 6.5 650-201707101

6.5

VMware ESXi 6.5 650-201707102

6.5

VMware ESXi 6.5 650-201707103

6.5

VMware ESXi 6.5 650-201707201

6.5

VMware ESXi 6.5 650-201707202

6.5

VMware ESXi 6.5 650-201707203

6.5

VMware ESXi 6.5 650-201707204

6.5

VMware ESXi 6.5 650-201707205

6.5

VMware ESXi 6.5 650-201707206

6.5

VMware ESXi 6.5 650-201707207

6.5

VMware ESXi 6.5 650-201707208

6.5

VMware ESXi 6.5 650-201707209

6.5

VMware ESXi 6.5 650-201707210

6.5

VMware ESXi 6.5 650-201707211

6.5

VMware ESXi 6.5 650-201707212

6.5

VMware ESXi 6.5 650-201707213

6.5

VMware ESXi 6.5 650-201707214

6.5

VMware ESXi 6.5 650-201707215

6.5

VMware ESXi 6.5 650-201707216

6.5

VMware ESXi 6.5 650-201707217

6.5

VMware ESXi 6.5 650-201707218

6.5

VMware ESXi 6.5 650-201707219

6.5

VMware ESXi 6.5 650-201707220

6.5

VMware ESXi 6.5 650-201707221

6.5

VMware ESXi 6.5 650-201710001

6.5

VMware ESXi 6.5 650-201712001

6.5

VMware ESXi 6.5 650-201803001

6.5

VMware ESXi 6.5 650-201806001

6.5

VMware ESXi 6.5 650-201808001

6.5

VMware ESXi 6.5 650-201810001

6.5

VMware ESXi 6.5 650-201810002

6.5

VMware ESXi 6.5 650-201811001

6.5

VMware ESXi 6.5 650-201811002

6.5

VMware ESXi 6.5 650-201811301

6.5

VMware ESXi 6.5 650-201901001

6.5

VMware ESXi 6.5 650-201903001

6.5

VMware ESXi 6.5 650-201905001

6.5

VMware Esxi 6.5 650-201908001

6.5

VMware Esxi 6.5 650-201910001

6.5

VMware Esxi 6.5 650-20191004001

6.5

VMware ESXi 6.5 650-201911001

6.5

VMware ESXi 6.5 650-201911401

6.5

VMware ESXi 6.5 650-201911402

6.5

VMware ESXi 6.5 650-201912001

6.5

VMware ESXi 6.5 650-201912002

6.5

VMware ESXi 6.5 650-201912101

6.5

VMware ESXi 6.5 650-201912102

6.5

VMware ESXi 6.5 650-201912103

6.5

VMware ESXi 6.5 650-201912104

6.5

VMware ESXi 6.5 650-201912301

6.5

VMware ESXi 6.5 650-201912401

6.5

VMware ESXi 6.5 650-201912402

6.5

VMware ESXi 6.5 650-201912403

6.5

VMware ESXi 6.5 650-201912404

6.5

VMware ESXi 6.5 650-202005001

6.5

VMware Cloud Foundation

VMWare VMWare

References

https://www.vmware.com/security/advisories/VMSA-2020-0023.html

https://www.vmware.com/security/advisories/VMSA-2020-0023.html

Patch, Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.