CVE-2018-6977

Name of the Vulnerable Software and Affected Versions VMware ESXi versions 6.0 through 6.7 VMware Workstation versions 14.x through 15.x VMware Fusion versions 10.x through 11.x

Description The issue is related to an infinite loop in a 3D-rendering shader, which can cause a denial-of-service condition. This can make a virtual machine unresponsive and potentially affect other virtual machines on the host or the host itself. The vulnerability is associated with uncontrolled resource consumption in the 3D acceleration function of the hypervisors.

Recommendations For VMware ESXi versions 6.0 through 6.7, update to a version that includes a fix for the 3D-rendering shader issue. For VMware Workstation versions 14.x through 15.x, update to a version that includes a fix for the 3D-rendering shader issue. For VMware Fusion versions 10.x through 11.x, update to a version that includes a fix for the 3D-rendering shader issue. As a temporary workaround, consider disabling the 3D acceleration function in the affected virtual machines until a patch is available.