CVE-2024-22268

Summary

VMware Workstation and Fusion contain a heap buffer-overflow vulnerability in the Shader functionality. A malicious actor with non-administrative access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to create a denial of service condition.

Affected Software

VendorProductVersion RangeStatus
N/AVMware Workstation17.x < 17.5.2affected
N/AVMware Fusion13.x < 13.5.2affected

Weaknesses

  • Heap buffer-overflow vulnerability

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References