As I'm sure you know and always quickly discover far too late to recover from whenever uncovered*
Repairing revealing flaws with patches does not stop all nor certain curious bugs further embedding deeper still throughout kernel systems ...... which is probably why VMware was/is wise not to claim the bug is removed and removable from hypervisor systems administrations nor is it not leaving behind in deeper embeds further unauthorised actor activity for expanding future emergent kernel processor instruction set deliveries.
Would one then still call that out as a bug for systems to apply useless patches against, or would it be realised and classified as fundamentally something else radically different entirely ....... and against which there is no possible defence ..... in these present times and current spaces ‽ .
* Well, do/did you know? What did/do you do about it? What routes do/did you take/make? Ignore/Ignored it and hope/hoped it goes away to somewhere else? You know, Ye Olde Worlde Bury Your Heads in the Sand or Up into the Dark Where the Sun doesn't Shine Root. How is that working out for y'all?