• VMware ESXi hosts configured as VMware NSX-T (NSX) transport nodes experience a Purple Screen of Death (PSOD). The crash occurs within the nsxt-vswitch module data plane.
  
  
• The console displays a panic signature matching the following stack trace:
  
  

  VMware ESXi 8.0.3 [Releasebuild-24859861 x86_64]
  #PF Exception 14 in world 2098994:McastFilterS IP ############### addr ###############
  PTEs:0x80800c4023;0x63f29f063;0x861c1a1063;0x0;
  
  Module(s) involved in panic: [nsxt-vswitch-24302014 Version 1.0.0-0 RELEASEbuild-24302014 (External)]
  cr0=0x8001003d cr2=0x45bc7a211762 cr3=0x597ff000 cr4=0x14216c
  FMS=06/ad/1 uCode=0x10003d0
  frame=0x4539f549bc40 ip=0x42002b31dc3c err=0x0 rflags=0x10206
  ...
  *PCPU14:2098994/McastFilterSnoopWorld
  ...
  0x4539f549bd00:[0x42002b31dc3c][email protected]#1.0.0.0.24302014+0xf08 stack: 0x45bc7816da80
  0x4539f549bfa0:[0x420029b9fecc]vmkWorldFunc@vmkernel#nover+0x31 stack: 0x420029b9fec8
  0x4539f549bfe0:[0x42002a0dc88e]CpuSched_StartWorld@vmkernel#nover+0xbf stack: 0x0
  0x4539f549c000:[0x420029b453af]Debug_IsInitialized@vmkernel#nover+0xc stack: 0x0
  base fs=0x0 gs=0x420043800000 Kgs=0x0
  <TIMESTAMP> cpu20:2098124)vmsyslog logger <HOSTNAMES>:514 lost 1 log messages

VMware vSphere ESXi 

VMware NSX

• The host PSOD is triggered by a malformed IGMPv3 Membership Report packet generated by a Guest Operating System.
  
  
• Specifically, a boundary check omission in the multicast snooping engine causes an out-of-bounds memory read when the packet declares an artificially high group record count (numGroups = 0xffff) that exceeds the actual ethernet frame length.

This issue is resolved in the following releases:

1. VMware ESXi 8.0.3 P07 (Build 25067014).

2. VMware ESXi 9.0.2.0 (Build 25148076).

3. VMware NSX 4.2.3.3

Purple screen (PSOD) occurs on ESX host due to malformed IGMPv3 packet originating from the guest OS.