VMware Patches Privilege Escalation Vulnerability Affecting Popular Products

Virtualization giant VMware released a series of patches on Tuesday to address a vulnerability in several of its popular software products that could result in a privilege escalation on older Windows-based Guest Operating Systems.

The vulnerability (CVE-2013-3519) affects various versions of VMware’s Workstation, Fusion, ESXi and ESX products.

“This [vulnerability] could result in a privilege escalation on 32-bit Guest Operating Systems running Windows 2000 Server, Windows XP or Windows 2003 Server on ESXi and ESX; or Windows XP on Workstation and Fusion,” the company noted in a security advisory.

According to the security advisory, the vulnerability lies in the “handling of control code in the LGTOSYNC.SYS driver”, which could enable a local attacker to manipulate the memory allocation, resulting in a privilege escalation.

The vulnerability does not allow for privilege escalation from the Guest Operating System to the host, VMware said, meaning that host memory could not be manipulated from the Guest Operating System.

Affected software products from VMware include:

VMware Workstation 9.x prior to version 9.0.3

VMware Player 5.x prior to version 5.0.3

VMware Fusion 5.x prior to version 5.0.4

VMware ESXi 5.1 without patch ESXi510-201304102

VMware ESXi 5.0 without patch ESXi500-201303102

VMware ESXi 4.1 without patch ESXi410-201301402

VMware ESXi 4.0 without patch ESXi400-201305401

VMware ESX 4.1 without patch ESX410-201301401

VMware ESX 4.0 without patch ESX400-201305401

VMware gave credit to Derek Soeder of Cylance for reporting the vulnerability.

Additional information including patch/release notes for specific products can be found at the links below:

VMware Workstation  

VMware Player

VMware Fusion

ESXi and ESX

According to VMware, after any patch is applied, VMware Guest Tools must be updated in any pre-existing Windows-based Guest Operating System, followed by a reboot of the guest system.
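
An added example, not from VMware or the original article: a Python triage of a host inventory against the affected-product list and the Tools-update requirement above. Function names, the record layout and the sample hosts are assumptions; the version numbers and patch bundle IDs are the ones listed in the article.

```python
DESKTOP_FIXED = {  # product -> (affected major branch, first fixed version)
    "workstation": (9, (9, 0, 3)),
    "player": (5, (5, 0, 3)),
    "fusion": (5, (5, 0, 4)),
}
HYPERVISOR_PATCH = {  # (product, release) -> patch bundle the article names
    ("esxi", "5.1"): "ESXi510-201304102",
    ("esxi", "5.0"): "ESXi500-201303102",
    ("esxi", "4.1"): "ESXi410-201301402",
    ("esxi", "4.0"): "ESXi400-201305401",
    ("esx", "4.1"): "ESX410-201301401",
    ("esx", "4.0"): "ESX400-201305401",
}

def host_status(product, version, patches=()):
    """Classify one host as 'affected', 'patched' or 'not-listed'."""
    product = product.lower()
    parts = tuple(int(p) for p in version.split("."))
    if product in DESKTOP_FIXED:
        branch, fixed = DESKTOP_FIXED[product]
        if parts[0] != branch:
            return "not-listed"  # the article only covers this branch
        return "affected" if parts < fixed else "patched"
    bundle = HYPERVISOR_PATCH.get((product, ".".join(map(str, parts[:2]))))
    if bundle is None:
        return "not-listed"
    return "patched" if bundle in patches else "affected"

def guest_action(status, guest_os, tools_updated_and_rebooted):
    """Follow-up for one guest, per the Tools-update-and-reboot requirement."""
    if status == "not-listed" or not guest_os.lower().startswith("windows"):
        return "none"
    if status == "affected":
        return "patch host, then update Tools and reboot guest"
    return "none" if tools_updated_and_rebooted else "update Tools and reboot guest"

# Constructed inventory (hypothetical hosts and guests, not real data).
INVENTORY = [
    ("lab-ws1", "Workstation", "9.0.2", (), "Windows XP", False),
    ("esx-a", "ESXi", "5.1.0", ("ESXi510-201304102",), "Windows 2003 Server", False),
    ("esx-b", "ESXi", "5.0.0", ("ESXi500-201303102",), "Windows XP", True),
    ("mac-1", "Fusion", "5.0.4", (), "Ubuntu 12.04", False),
]

def triage(inventory):  # returns {host: (status, guest action)}
    out = {}
    for name, prod, ver, patches, guest, done in inventory:
        status = host_status(prod, ver, patches)
        out[name] = (status, guest_action(status, guest, done))
    return out
```

Calling `triage(INVENTORY)` flags `lab-ws1` as affected and shows that `esx-a`, although patched at the host, still has a Windows guest waiting on the Tools update and reboot.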
