First published: Mon May 22 2017(Updated: )
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine.
Credit: security@vmware.com
Affected Software | Affected Version | How to fix |
---|---|---|
VMware Workstation and ESXi | =12.0.0 | |
VMware Workstation | =12.0.0 | |
Linux Kernel |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-4915 has a medium severity rating due to its potential for privilege escalation on a Linux host.
To fix CVE-2017-4915, update to the latest version of VMware Workstation Pro or Player that addresses this vulnerability.
Users of VMware Workstation Pro and VMware Workstation Player version 12.0.0 on Linux are affected by CVE-2017-4915.
No, CVE-2017-4915 requires local access to the host to exploit the privilege escalation vulnerability.
Linux systems running VMware Workstation Pro or Player version 12.0.0 are at risk from CVE-2017-4915.