Tag: workaround

VMware has released a new security advisory VMSA-2019-0019 (VMware ESXi, Workstation, and Fusion updates address a denial-of-service vulnerability).

This advisory documents the remediation of one issue, rated with a severity of moderate. VMware ESXi, Workstation and Fusion contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VMs.

Exploitation of this issue require an attacker to have access to a virtual machine with 3D graphics enabled. By default, this functionality is not enabled on ESXi and is enabled on Workstation and Fusion.

The identifier CVE-2019-5536 was assigned to this vulnerability.

Affected products and resolutions:

• ESXi 6.7 – apply patch ESXi670-201908101-SG
• ESXi 6.5 – apply patch ESXi650-201910401-SG
• Workstation 15.x – update to 15.5.0
• Fusion 11.x – update to 11.5.0

The workaround for this issue involves disabling the 3D-acceleration feature.

Disable 3D-acceleration on ESXi

• With Host Client or vCenter, go to the individual VM > Edit Settings > Virtual hardware > Video card.
• If the “3D Graphics” is checked then 3D-acceleration feature is enabled.

Disable 3D-acceleration on Workstation

• Select virtual machine and select VM > Settings.
• On the Hardware tab, select Display.
• If the “Accelerate 3D graphics” is checked then 3D-acceleration feature is enabled.

Disable 3D-acceleration on Fusion

• From the VMware Fusion menu bar, select Window > Virtual Machine Library.
• Select a virtual machine and click Settings.
• In the Settings Window > select Display.
• If the “Accelerate 3D graphics” is checked then 3D-acceleration feature is enabled.

You can check reports on other VMware vulnerabilities in my page dedicated to Security Advisories.