VMware has issued a patch for a Workstation Hypervisor vulnerability that makes it susceptible to a privilege escalation issue (CVE-2011-1126). It affects machines using Linux as the Hypervisor host environment.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
This security bug affects the vmrun utility that performs various tasks on a virtual machine (vmrun is installed by VMware Workstation as default). vmrun runs on any platform with installed VIX libraries. On Linux installations, a user with the ability to place files into the predefined library path could gain escalated privileges, and gain execution control of vmrun.
Vmware VIX for Linux 1.10.2 and earlier versions, VMware Workstation 7.1.3 on Linux and earlier versions, as well as VMware Workstation 6.5.5 on Linux and earlier versions are known to be affected by this issue. Windows versions of the product are unaffected by the vulnerability.
Although VMware has issued patches to rectify this issue, the VMware VIX API remains unpatched so far. Futher details regarding the vulnerability can be found in this VMware security advisory.