VMware informed customers last week that updates released for the Linux and Windows versions of Workstation patch privilege escalation and denial-of-service (DoS) vulnerabilities.
One of the flaws, discovered by Jann Horn of Google Project Zero and tracked as CVE-2017-4915, affects VMware Workstation Pro and Player 12.x on Linux. The weakness has been classified as “important” severity.
The security hole, described as an insecure library loading vulnerability, allows an unprivileged host user to escalate their privileges to root on the host via ALSA sound driver configuration files.
The second vulnerability, identified by Borja Merino and tracked as CVE-2017-4916, affects VMware Workstation Pro and Player 12.x on Windows.
This “moderate” severity flaw is a NULL pointer dereference issue that exists in the vstor2 driver. An attacker with regular host user privileges can exploit the vulnerability to cause a DoS condition on the host machine.
The vulnerabilities have been patched with the release of VMware Workstation 12.5.6. There are no workarounds for either of the flaws.
VMware has released eight other security advisories this year, including for an Apache Struts 2 vulnerability that had been exploited in the wild, and security bugs disclosed by white hat hackers at this year’s Pwn2Own competition.
Exploits involving VMware virtual machine escapes earned participants more than $200,000 at Pwn2Own 2017. Researchers at Qihoo 360 received $105,000 for an Edge exploit that achieved a VM escape, while Tencent Security’s Team Sniper earned $100,000 for a Workstation exploit.