CVE-2022-31681

VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.

Published: Oct 7, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-31681
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
vmware / esxi	7.0-beta	7.0-beta.x
vmware / esxi	7.0-update_1	7.0-update_1.x
vmware / esxi	7.0-update_1a	7.0-update_1a.x
vmware / esxi	7.0-update_1b	7.0-update_1b.x
vmware / esxi	7.0	7.0.x
vmware / esxi	7.0-update_2	7.0-update_2.x
vmware / esxi	7.0-update_2a	7.0-update_2a.x
vmware / esxi	7.0-update_2c	7.0-update_2c.x
vmware / esxi	7.0-update_2d	7.0-update_2d.x
vmware / esxi	7.0-update_1d	7.0-update_1d.x
vmware / esxi	7.0-update_1c	7.0-update_1c.x
vmware / esxi	7.0-update_3c	7.0-update_3c.x
vmware / esxi	7.0-update_3d	7.0-update_3d.x
vmware / esxi	7.0-update_3e	7.0-update_3e.x
vmware / esxi	7.0-update_2e	7.0-update_2e.x
vmware / esxi	7.0-update_1e	7.0-update_1e.x
vmware / esxi	-	7.0
vmware / cloud_foundation	4.2	4.3.1.1
vmware / cloud_foundation	4.4.1	4.4.1.x
vmware / cloud_foundation	4.4.1.1	4.4.1.1.x
vmware / cloud_foundation	4.4	4.4.x

https://www.vmware.com/security/advisories/VMSA-2022-0025.html

Vulnerability Database

289,599

CVE-2022-31681