VMware Products and Intel® Software Guard Extensions (Intel® SGX)
Article ID: 341572
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
The VMware Security Engineering, Communications, and Response group (vSECR) has been investigating the impact of vulnerabilities in Intel® SGX that may affect VMware products. Intel® Software Guard Extensions (Intel® SGX) is a new processor-specific technology for application developers who are seeking to protect select code and data from disclosure or modification.
Environment
VMware vSphere ESXi 5.5
VMware vSphere ESXi 6.5
VMware vSphere ESXi 6.7
VMware vSphere ESXi 6.0
VMware vSphere ESXi 6.5
VMware vSphere ESXi 6.7
VMware vSphere ESXi 6.0
Resolution
At the time of this publication, VMware Hypervisors do not use Intel® SGX nor do they support virtualization of Intel® SGX; therefore, they are not affected by vulnerabilities that leverage Intel® SGX. In addition, VMware does not ship any other products (such as virtual appliances) that utilize Intel® SGX.
Example issues
CVE-2018-9056 aka. 'BranchScope'
CVE-2018-3615
CVE-2019-11157
Please sign up at our Security-Announce mailing list to receive new and updated VMware Security Advisories and click ‘subscribe to article’ on the right side of this page to be alerted when new information is added to this document.
Changelog
5/1/18: Initial publication.
Example issues
CVE-2018-9056 aka. 'BranchScope'
CVE-2018-3615
CVE-2019-11157
Please sign up at our Security-Announce mailing list to receive new and updated VMware Security Advisories and click ‘subscribe to article’ on the right side of this page to be alerted when new information is added to this document.
Changelog
5/1/18: Initial publication.
Feedback
Yes
No
Powered by
