CVE-2019-5516

Name of the Vulnerable Software and Affected Versions VMware ESXi versions 6.7 before ESXi670-201904101-SG VMware ESXi versions 6.5 before ESXi650-201903001 VMware Workstation versions 15.x before 15.0.3 VMware Workstation versions 14.x before 14.1.6 VMware Fusion versions 11.x before 11.0.3 VMware Fusion versions 10.x before 10.1.6

Description The issue is related to an out-of-bounds vulnerability in the vertex shader functionality, which can be exploited to disclose information or create a denial-of-service condition. This can be achieved by an attacker with access to a virtual machine that has 3D graphics enabled. The exploitation may allow attackers with normal user privileges to cause a denial-of-service condition on their own virtual machine.

Recommendations For VMware ESXi versions 6.7 before ESXi670-201904101-SG, update to ESXi670-201904101-SG or later. For VMware ESXi versions 6.5 before ESXi650-201903001, update to ESXi650-201903001 or later. For VMware Workstation versions 15.x before 15.0.3, update to 15.0.3 or later. For VMware Workstation versions 14.x before 14.1.6, update to 14.1.6 or later. For VMware Fusion versions 11.x before 11.0.3, update to 11.0.3 or later. For VMware Fusion versions 10.x before 10.1.6, update to 10.1.6 or later. As a temporary workaround, consider disabling the 3D-acceleration feature to minimize the risk of exploitation.