Your one-stop web resource providing safety and security information to manufacturers

VMware released updates for VMware Workstation and VMware Player that fix a security vulnerability that attackers could use to host privilege escalation on Linux-based devices.

VMware Workstation for Linux 9.x prior to version 9.0.3 and VMware Player for Linux 5.x prior to version 5.0.3 suffer from the issue, according to the advisory published by the company. Fusion, ESX and ESXi do not have the problem.

VMware Patches Security Holes
VMware Fixes DoS Vulnerability
Big Security Patch from Oracle
Cisco Security Advisories

The issue (CVE-2013-5972), which is the result of the way shared libraries end up handled, could allow a local attacker to escalate his privileges to root.

“The vulnerability does not allow for privilege escalation from the Guest Operating System to the host or vice-versa,” VMware said.

Cyber Security

Workstation and Player customers should update their installations to versions 9.0.3 and 5.0.3, respectively as soon as possible.

Pin It on Pinterest

Share This