Discovered by a member of Cisco Talos.Today, Talos is disclosing a vulnerability in VMWare Workstation that could result in Denial of Service.  VMWare Workstation is a widely used virtualization platform designed to run alongside a normal operating system, allowing users to use both virtualized and physical systems concurrently.


TALOS-2018-0540 / CVE-2018-6965 is an exploitable Denial of Service (DoS) vulnerability in the VMWare Workstation 14 software. The vulnerability lies in the pixel shader utilized by VMWare Workstation and can be triggered by supplying a malformed pixel shader in either text or binary form inside a VMWare guest operating system. This vulnerability can be triggered from VMWare guest or VMWare hosts and results in a process crashing leading to a DoS state.

For more technical details, please read our advisory here.

Tested Software:

VMware Workstation 14 (


Talos has developed the following Snort rules to detect attempts to exploit this vulnerability. Note that these rules are subject to change pending additional vulnerability information. For the most current information, please visit your Firepower Management Center or

Snort Rules: 45981-45982

For other vulnerabilities Talos has disclosed, please refer to our Vulnerability Report Portal:

To review our Vulnerability Disclosure Policy, please visit this site: