CVE-2018-6977

CVE Database · CVE-2018-6977

CVE-2018-6977

· N/AModified

CVSS v3.1

N/A

EPSS

0.43%

Published

Oct 9, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.

Weaknesses (CWE)

CWE-835

Affected Products (7)

vmware · esxivulnerable

vmware · workstationvulnerable

vmware · fusionvulnerable

References (8)

http://www.securityfocus.com/bid/105549

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041821

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041822