VMware Workstation Denial of Service Vulnerability Disclosure (CVE-2018-6977)



Today, Cisco Talos is disclosing a vulnerability in VMware Workstation that could result in denial of service.

VMware Workstation is a widely used virtualization platform designed to run alongside a normal operating system, allowing users to use both virtualized and physical systems concurrently.


Discovered by Piotr Bania of Cisco Talos

TALOS-2018-0589 / CVE-2018-6977 is an exploitable denial-of-service (DoS) vulnerability in the VMware Workstation 14 software. The vulnerability lies in the pixel shader used by VMware Workstation and can be triggered by supplying a malformed pixel shader, in either text or binary form, inside a VMware guest operating system. It can be triggered from VMware guests or VMware hosts and causes a process to crash, leading to a DoS state. Additionally, it is possible to trigger the vulnerability through WebGL, provided the browser does not use ANGLE and supplies the malformed shader as intended.

For more technical details, please read our advisory



Tested Software:

VMware Workstation 14 (


Talos has developed the following Snort rules to detect attempts to exploit this vulnerability. Note that these rules are subject to change pending additional vulnerability information. For the most current information, please visit your Firepower Management Center or Snort.org.

For other vulnerabilities Talos has disclosed, please refer to our Vulnerability Report Portal: http://www.talosintelligence.com/vulnerability-reports/

To review our Vulnerability Disclosure Policy, please visit this site:


Original links

Talos Blog || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Vulnerability Spotlight: VMWare Workstation DoS Vulnerability