The vuln (CVE-2018-6977) allows an attacker with normal local user privileges to trigger an infinite loop in a 3D-rendering shader. According to VMware, a “specially crafted 3D shader may loop for an infinite amount of time and lock up a VM’s virtual graphics device”.
If that happens, VMware warned, the hypervisor may rely on the host box’s graphics driver to ensure other users of the physical machine are not impacted by the infinite graphical loop.
“However, many graphics drivers may themselves get into to a denial-of-service condition caused by such infinite shaders, and as a result other VMs or processes running on the host might also be affected,” said VMware in a statement.
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft