CVE-2020-3958

Description

VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with non-administrative access to a virtual machine to crash the virtual machine's vmx process leading to a denial of service condition.

Affected products

• VMware / VMware ESXi6.7 before ESXi670-202004101-SG – 6.7 before ESXi670-202004101-SG
• VMware / VMware ESXi6.5 before ESXi650-202005401-SG – 6.5 before ESXi650-202005401-SG
• VMware / VMware Fusion11.x before 11.5.2 – 11.x before 11.5.2
• VMware / VMware Workstation15.x before 15.5.2 – 15.x before 15.5.2

References

• VENDOR_ADVISORYhttps://www.vmware.com/security/advisories/VMSA-2020-0011.html
• MISChttps://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0957