VMware Workstation 12.x < 12.5.6 Insecure Library Loading Privilege Escalation (VMSA-2017-0009) (Linux)
High Nessus Plugin ID 100417
SynopsisA virtualization application installed on the remote Linux host is affected by a privilege escalation vulnerability.
DescriptionThe version of VMware Workstation installed on the remote Linux host is 12.x prior to 12.5.6. It is, therefore, affected by a privilege escalation vulnerability in the ALSA sound driver due to insecurely loading shared libraries via the '.asoundrc' configuration file. A local attacker can exploit this, by loading specially crafted libraries, to gain root privileges on the host.
SolutionUpgrade to VMware Workstation version 12.5.6 or later.