SynopsisA virtualization application installed on the remote Linux host is affected by a privilege escalation vulnerability.
DescriptionThe version of VMware Workstation installed on the remote Linux host is 12.x prior to 12.5.6. It is, therefore, affected by a privilege escalation vulnerability in the ALSA sound driver due to insecurely loading shared libraries via the '.asoundrc' configuration file. A local attacker can exploit this, by loading specially crafted libraries, to gain root privileges on the host.
SolutionUpgrade to VMware Workstation version 12.5.6 or later.