CVE-2018-6977
First published: Tue Oct 09 2018(Updated: )
VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware ESXi | =6.0 | |
| VMware ESXi | =6.5 | |
| VMware ESXi | =6.7 | |
| VMware Workstation | >=14.0.0<=14.1.5 | |
| VMware Workstation | >=15.0.0<=15.0.2 | |
| VMware Fusion Pro | >=10.0.0<=10.1.5 | |
| VMware Fusion Pro | >=11.0.0<=11.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/vmware
- canonical/vmware esxi
- version/vmware esxi/6.0
- version/vmware esxi/6.5
- version/vmware esxi/6.7
- canonical/vmware workstation
- version/vmware workstation/14.0.0
- version/vmware workstation/14.1.5
- version/vmware workstation/15.0.0
- version/vmware workstation/15.0.2
- canonical/vmware fusion pro
- version/vmware fusion pro/10.0.0
- version/vmware fusion pro/10.1.5
- version/vmware fusion pro/11.0.0
- version/vmware fusion pro/11.0.2