Today, VMware has released the following new security advisory:
“VMSA-2019-0009 – VMware Tools and Workstation updates address out of bounds read and use-after-free vulnerabilities (CVE-2019-5522, CVE-2019-5525)”
This documents the remediation of two important severity issues in VMware Tools and VMware Workstation respectively.
Issue (a) CVE-2019-5522 is an out-of-bounds read vulnerability in the vm3dmp driver, which is installed with VMware Tools in Windows guest machines. A local attacker with non-administrative access to a Windows guest with VMware Tools installed may be able to leak kernel information or cause a denial of service on that same Windows guest machine. This issue has been addressed in VMware Tools 10.3.10.
Issue (b) CVE-2019-5525 is a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) backend and affects VMware Workstation. A malicious user with normal user privileges on the guest machine may exploit this issue to execute code on the host. This issue has been addressed in VMware Workstation 15.1.0.
We would like to thank ChenNan and RanchoIce of Tencent ZhanluLab and Brice L’helgouarc’h of Amossys for reporting these issues to us.
Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.
Customers should review the security advisories and direct any questions to VMware Support.