[Security-announce] New VMSA-2018-0014 - VMware Horizon Client update addresses a privilege escalation vulnerability

VMware Security Announcements security-announce at lists.vmware.com
Tue May 29 11:01:50 PDT 2018


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
                           VMware Security Advisory

Advisory ID: VMSA-2018-0014
Severity:    Important
Synopsis:    VMware Horizon Client update addresses a privilege
             escalation vulnerability
Issue date:  2018-05-29
Updated on:  2018-05-29 (Initial Advisory)
CVE number:  CVE-2018-6964

1. Summary

   VMware Horizon Client update addresses a privilege escalation
   vulnerability.

2. Relevant Products

   VMware Horizon Client for Linux (Horizon Client)

3. Problem Description

   VMware Horizon Client privilege escalation vulnerability

   VMware Horizon Client contains a local privilege escalation
   vulnerability due to insecure usage of a SUID binary. Successful
   exploitation of this issue may allow unprivileged users to escalate
   their privileges to root on a Linux machine where Horizon Client is
   installed.

   VMware would like to thank Nassim Abbaoui, pentester at OVH, for
   reporting this issue to us.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the identifier CVE-2018-6964 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware         Product      Running            Replace with/  Mitigations/
   Product        Version      on       Severity  Apply patch    Workarounds
   ============== ============ ======== ========= ============== ============
   Horizon Client 4.x & prior  Linux    Important 4.8.0          None


4. Solution

   Please review the patch/release notes for your product and version
   and verify the checksum of your downloaded file.

   VMware Horizon View Client for Linux 4.8.0
   Downloads and Documentation:
   https://my.vmware.com/en/web/vmware/info/slug/desktop_end_user_computing/vmware_horizon_clients/4_0


5. References

   https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6964

- -----------------------------------------------------------------------

6. Change log

   2018-05-29 VMSA-2018-0014 Initial security advisory in conjunction
   with the release of VMware Horizon Client 4.8.0 on 2018-05-29.

- -----------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:
   security-announce at lists.vmware.com
   bugtraq at securityfocus.com
   fulldisclosure at seclists.org

   E-mail: security at vmware.com
   PGP key at: https://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   Consolidated list of VMware Security Advisories
   http://kb.vmware.com/kb/2078735

   VMware Security Response Policy
   https://www.vmware.com/support/policies/security_response.html

   VMware Lifecycle Support Phases
   https://www.vmware.com/support/policies/lifecycle.html

   VMware Security & Compliance Blog
   https://blogs.vmware.com/security

   Twitter
   https://twitter.com/VMwareSRC

   Copyright 2018 VMware Inc.  All rights reserved.



-----BEGIN PGP SIGNATURE-----
Version: Encryption Desktop 10.4.1 (Build 490)
Charset: utf-8

wj8DBQFbDZU4DEcm8Vbi9kMRApVDAJ9135GNw3HmkVJaOGMgA+U60chs3QCcDjPH
r24RHQqTULReKtGs53UjVfs=
=pZt5
-----END PGP SIGNATURE-----
