Today VMware has released the following new security advisory:
“VMSA-2018-0014 – VMware Horizon Client update addresses a privilege escalation vulnerability”
This documents the remediation of an important severity local privilege escalation
vulnerability (CVE-2018-6964) in VMware Horizon Client for Linux. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on a Linux machine where Horizon Client is installed.
VMware Horizon Client for Linux 4.x and prior versions are affected. This issue has been addressed in VMware Horizon Client for Linux 4.8.0.
We would like to thank Nassim Abbaoui, pentester at OVH, for reporting this issue to us.
Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.
Customers should review the security advisories and direct any questions to VMware Support.