Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
VMware Workstation, Fusion, and ESXi Affected by DoS Vulnerability, No Patch Yet
#1
Quote:VMware published an advisory with workarounds for a denial-of-service vulnerability in its vSphere ESXi, Workstation (Pro / Player), and VMware Fusion (Fusion Pro) products discovered by Cisco Talos's Piotr Bania and exploitable when the 3D-acceleration feature is enabled.

According to VMware 3D-acceleration is not enabled by default on VMware vSphere ESXi, but it comes toggled on all versions of VMware Workstation and VMware Fusion.
According to VMware advisory, the vulnerability will trigger a denial-of-service because of an infinite loop caused by a maliciously crafted 3D-rendering shader.
Furthermore, according to Cisco Talos, the malformed pixel shader can be provided by a potential attacker in either binary or text form to the target within a VMware guest operating system.

Source: https://news.softpedia.com/news/vmware-w...3150.shtml
[-] The following 2 users say Thank You to silversurfer for this post:
  • dinosaur07, harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Microsoft Edge fixes 0-day vulnerability...
Microsoft released...harlan4096 — 10:12
AnyDesk 8.0.9
AnyDesk 8.0.9:   ...harlan4096 — 10:10
AMD Confirms RDNA 3+ GPU Architecture F...
AMD Zen5-based Strix...harlan4096 — 10:08
Adobe Acrobat Reader DC 24.001.20629 (Op...
Adobe Acrobat Read...harlan4096 — 10:06
FastCopy 5.7.5
FastCopy 5.7.5: ...harlan4096 — 10:04

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>