VMware on March 5 issued patches for a pair of flaws they rated as “critical” and in the “important” severity range for VMware ESXi, Workstation, and Fusion.
VMware explained in an advisory to its customers that ESXi, Workstation, and Fusion contain a “use-after-free” vulnerability in the XHCI USB controller filed with NIST as CVE-2024-22252.
VMware evaluated the severity of this issue to be in the critical severity range with a maximum CVSSv3 base score of 9.3 for…