Denial of service in VMware ESXi, Workstation, and Fusion
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-6977 |
| CWE-ID | CWE-835 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
VMware Workstation Client/Desktop applications / Virtualization software VMware Fusion Client/Desktop applications / Virtualization software VMware ESXi Operating systems & Components / Operating system |
| Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Infinite loop
EUVDB-ID: #VU15230
Risk: Low
CVSSv3.1: 6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2018-6977
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The weakness exists due to an infinite loop in a 3D-rendering shader when 3D-acceleration feature is enabled. A remote attacker with normal user privileges in the guest can make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.
The workaround for this issue requires disabling the 3D-acceleration feature. The issue can only be exploited if 3D-acceleration feature is enabled. It is not enabled by default on ESXi and is enabled by default on Workstation and Fusion. The 3D-acceleration settings can be reviewed as follows.
ESXi
With Host Client or vCenter, go to the individual VM > configure > hardware > video card >
3D Graphics --> Check if "3D Graphics" is enabled.
OR
Go to individual VMX file and then check for "mks.enable3d", if the VMs have the option
"mks.enable3d=TRUE", then 3D-acceleration feature is enabled
Workstation
- Select virtual machine and select VM > Settings.
- On the Hardware tab, select Display
If the "Accelerate 3D graphics" is checked then 3D-acceleration feature is enabled.
Fusion
-From the VMware Fusion menu bar, select Window > Virtual Machine Library.
-Select a virtual machine and click Settings.
-In the Settings Window > select Display.
If the "Accelerate 3D graphics" is checked then 3D-acceleration feature is enabled.
VMware Workstation: All versions
VMware ESXi: All versions
VMware Fusion: All versions
External linkshttp://www.vmware.com/security/advisories/VMSA-2018-0025.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
