VMware Fusion 8.x < 8.5.0 Kernel Memory Address Disclosure (VMSA-2016-0017) (Mac OS X)
Low Nessus Plugin ID 94338
SynopsisA virtualization application installed on the remote macOS or Mac OS X host is affected by an information disclosure vulnerability.
DescriptionThe version of VMware Fusion installed on the remote macOS or Mac OS X host is 8.x prior to 8.5.0. It is, therefore, affected by an information disclosure vulnerability in the System Integrity Protection (SIP) feature. A local attacker can exploit this issue to obtain kernel memory addresses and thereby bypass the kASLR protection mechanism.
SolutionUpgrade to VMware Fusion version 8.5.0 or later.