The flaw, that resides in the affects the drag-and-drop function, can be exploited by attackers to execute arbitrary code on the host operating system running Fusion or Workstation.
The security vulnerability affects Workstation Player and Pro 12.x, and Fusion (Pro) 8.x., while the ESXi is not affected.
The flaw war reported hacking contest 2016 PwnFest held in South Korea at the 2016 Power Of Community (POC) security conference. The hackers earned $140,000 for the Windows Edge hacks, while Qihoo hacker team and Lee earned $150,000 for the hack of the VMware Workstation 12.5.1.
VMware patched the vulnerability with the release of versions 12.5.2 and 8.5.2.
a. VMware Workstation and Fusion out-of-bounds memory access vulnerability
The drag-and-drop (DnD) function in VMware Workstation and Fusion has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.” states the advisory published by VMware.
VMware explained that the flaw cannot be exploited against Workstation Pro or Fusion when both the drag-and-drop and copy-and-paste functions are disabled, while it remains exploitable on Workstation Player.
Recently VMware released several security updates to fix the local privilege escalation flaw in Linux kernel, also known as Dirty COW, tracked as CVE-2016-5195.
“The Linux kernel which ships with the base operating system of VMware Appliances contains a race condition in the way its memory subsystem handles copy-on-write (aka “Dirty COW”). Successful exploitation of the vulnerability may allow for local privilege escalation. The product lines listed in this advisory have been confirmed to be affected.” reads the advisory from VMmware.com.
Security patches for Identity Manager, vRealize Automation and version 5.x of vRealize Operations are still pending.
(Security Affairs – CVE-2016-7461, VMware)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.