【漏洞通告】VMware VMXNET3整数溢出漏洞(CVE-2025-41236)

发布于2025年7月17日2025年7月22日作者:cve-20

原文链接: https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247501334&idx=2&sn=c11ce042dbc5e02e25cdeaa2e8f4c5df

【漏洞通告】VMware VMXNET3整数溢出漏洞(CVE-2025-41236)

启明星辰安全简讯 2025-07-17 07:57

一、漏洞概述

漏洞名称	VMware VMXNET3整数溢出漏洞
CVE ID	CVE-2025-41236
漏洞类型	整数溢出	发现时间	2025-07-17
漏洞评分	9.3	漏洞等级	严重
攻击向量	本地	所需权限	无
利用难度	低	用户交互	需要
PoC/EXP	未公开	在野利用	未发现

VMXNET3是VMware提供的高性能虚拟网络适配器；VMCI（Virtual Machine Communication Interface）用于虚拟机与宿主机之间的高效通信；PVSCSI是面向高性能存储的虚拟化SCSI控制器；vSockets提供虚拟机与宿主机或虚拟机之间的套接字通信机制，用于低延迟数据传输。

2025年7月17日，启明星辰集团VSRC监测到VMware官方披露其多个产品中存在四个高危漏洞，涉及VMXNET3、VMCI、PVSCSI和vSockets等关键虚拟化组件，分别为VMware VMXNET3整数溢出漏洞（CVE-2025-41236）、VMware VMCI整数下溢漏洞（CVE-2025-41237）、VMware PVSCSI堆溢出漏洞（CVE-2025-41238）以及VMware vSockets信息泄露漏洞（CVE-2025-41239）。其中，前三个漏洞可被具备本地管理员权限的攻击者在虚拟机内利用，最终以VMX进程权限在宿主机上实现远程代码执行，严重威胁虚拟化平台的系统安全；CVE-2025-41239则由于vSockets组件存在未初始化内存使用问题，可能导致攻击者泄露与其通信进程的敏感内存信息。

二、影响范围

CVE-2025-41236影响范围

VMware Cloud Foundation ESX = 9.0.0.0

VMware ESXi = 7.0

VMware ESXi = 8.0

VMware Workstation = 17.x

VMware Fusion = 13.x

VMware Cloud Foundation = 4.5.x

VMware Cloud Foundation = 5.x

VMware Telco Cloud Platform = 2.x

VMware Telco Cloud Platform = 3.x

VMware Telco Cloud Platform = 4.x

VMware Telco Cloud Platform = 5.x

VMware Telco Cloud Infrastructure = 2.x

VMware Telco Cloud Infrastructure = 3.x

CVE-2025-41237影响范围

VMware vSphere Foundation ESX = 9.0.0.0

VMware ESXi = 7.0

VMware ESXi = 8.0

VMware Workstation = 17.x

VMware Fusion = 13.x

VMware Cloud Foundation ESX = 9.0.0.0

VMware Cloud Foundation = 4.5.x

VMware Cloud Foundation = 5.x

VMware Telco Cloud Platform = 2.x

VMware Telco Cloud Platform = 3.x

VMware Telco Cloud Platform = 4.x

VMware Telco Cloud Platform = 5.x

VMware Telco Cloud Infrastructure = 2.x

VMware Telco Cloud Infrastructure = 3.x

CVE-2025-41238影响范围

VMware Cloud Foundation ESX = 9.0.0.0

VMware ESXi = 7.0

VMware ESXi = 8.0

VMware Workstation = 17.x

VMware Fusion = 13.x

VMware Cloud Foundation = 4.5.x

VMware Cloud Foundation = 5.x

VMware Telco Cloud Platform = 2.x

VMware Telco Cloud Platform = 3.x

VMware Telco Cloud Platform = 4.x

VMware Telco Cloud Platform = 5.x

VMware Telco Cloud Infrastructure = 2.x

VMware Telco Cloud Infrastructure = 3.x

CVE-2025-41239影响范围

VMware Cloud Foundation ESX = 9.0.0.0

VMware vSphere Foundation ESX = 9.0.0.0

VMware Cloud Foundation VMware Tools for Windows = 13.0.0.0

VMware vSphere Foundation VMware Tools for Windows = 13.0.0.0

VMware ESXi = 7.0

VMware ESXi = 8.0

VMware Workstation = 17.x

VMware Fusion = 13.x

VMware Cloud Foundation = 4.5.x

VMware Cloud Foundation = 5.x

VMware Telco Cloud Platform = 2.x

VMware Telco Cloud Platform = 3.x

VMware Telco Cloud Platform = 4.x

VMware Telco Cloud Platform = 5.x

VMware Telco Cloud Infrastructure = 2.x

VMware Telco Cloud Infrastructure = 3.x

VMware Tools for Windows = 11.x.x

VMware Tools for Windows = 12.x.x

VMware Tools for Windows = 13.x.x

VMware Tools for Linux = 11.x.x

VMware Tools for Linux = 12.x.x

VMware Tools for Linux = 13.x.x

VMware Tools for macOS = 11.x.x

VMware Tools for macOS = 12.x.x

VMware Tools for macOS = 13.x.x

三、安全措施

3.1 升级版本

官方已发布修复版本，建议尽快升级至最新版本

VMware vSphere Foundation ESX 9.0.0.0 升级至ESXi-9.0.0.0100-24813472

VMware Tools 13.0.0.0（Windows）升级至13.0.1.0

VMware ESXi 8.0：升级至ESXi80U3f-24784735或升级至ESXi80U2e-24789317

VMware ESXi 7.0：升级至ESXi70U3w-24784741

VMware Workstation 17.x：升级至 17.6.4

VMware Fusion 13.x升级至13.6.4

VMware Cloud Foundation版本 5.x：异步补丁至ESXi80U3f-24784735

VMware Cloud Foundation版本 4.5.x：异步补丁至ESXi70U3w-24784741

VMware Telco Cloud Platform版本 5.x / 4.x：升级至ESXi80U3f-24784735

VMware Telco Cloud Platform版本 3.x / 2.x：升级至ESXi70U3w-24784741

VMware Telco Cloud Infrastructure（3.x / 2.x）升级至ESXi70U3w-24784741

VMware Tools Windows 13.xx：升级至13.0.1.0

VMware Tools Windows 12.xx / 11.xx：升级至12.5.3

下载链接：

VMware Cloud Foundation 9.0.0.0.0

https://support.broadcom.com/group/ecx/productfiles?displayGroup=VMware%20Cloud%20Foundation%209&release=9.0.0.0&os=&servicePk=&language=EN&groupId=529537&viewGroup=true

VMware vSphere Foundation 9.0.0.0.0

https://support.broadcom.com/group/ecx/productfiles?displayGroup=VMware%20vSphere%20Foundation%209&release=9.0.0.0&os=&servicePk=&language=EN&groupId=529542&viewGroup=true

VMware ESXi 8.0 ESXi80U3f-24784735

https://support.broadcom.com/web/ecx/solutiondetails?patchId=15938

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html

VMware ESXi 8.0 ESXi80U2e-24789317

https://support.broadcom.com/web/ecx/solutiondetails?patchId=15939

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html

VMware ESXi 7.0 ESXi70U3w-24784741

https://support.broadcom.com/web/ecx/solutiondetails?patchId=15940

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html

VMware Workstation 17.6.4

https://support.broadcom.com/group/ecx/productdownloads?subfamily=VMware%20Workstation%20Pro&freeDownloads=true

https://techdocs.broadcom.com/us/en/vmware-cis/desktop-hypervisors/workstation-pro/17-0/release-notes/vmware-workstation-1764-pro-release-notes.html

VMware Fusion 13.6.4

https://support.broadcom.com/group/ecx/productdownloads?subfamily=VMware%20Fusion&freeDownloads=true

https://techdocs.broadcom.com/us/en/vmware-cis/desktop-hypervisors/fusion-pro/13-0/release-notes/vmware-fusion-1364-release-notes.html

VMware Cloud Foundation 5.x, 4.5.x

https://knowledge.broadcom.com/external/article?legacyId=88287

VMware Tools 13.0.1.0

https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Tools&displayGroup=VMware%20Tools%2013.x&release=13.0.1.0&os=&servicePk=&language=EN&freeDownloads=true

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/tools/13-0-0/release-notes/vmware-tools-1301-release-notes.html

VMware Tools 12.5.3

https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Tools&displayGroup=VMware%20Tools%2012.x&release=12.5.3&os=&servicePk=&language=EN&freeDownloads=true

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/tools/12-5-0/release-notes/vmware-tools-1253-release-notes.html

3.2 临时措施

暂无。

3.3 通用建议

定期更新系统补丁，减少系统漏洞，提升服务器的安全性。

加强系统和网络的访问控制，修改防火墙策略，关闭非必要的应用端口或服务，减少将危险服务（如SSH、RDP等）暴露到公网，减少攻击面。

使用企业级安全产品，提升企业的网络安全性能。

加强系统用户和权限管理，启用多因素认证机制和最小权限原则，用户和软件权限应保持在最低限度。

启用强密码策略并设置为定期修改。

3.4 参考链接

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877

【漏洞通告】VMware VMXNET3整数溢出漏洞(CVE-2025-41236)

【漏洞通告】VMware VMXNET3整数溢出漏洞(CVE-2025-41236)

一、漏洞概述

二、影响范围

三、安全措施

近期文章

近期评论

归档

分类