Flaw in VMware's CPU emulation allows privilege elevation
VMware has released updates for several of its products to solve two security problems. According to the vendor, the CPU hardware emulation contains a bug which causes trap flags to be processed incorrectly. The report says attackers could exploit this to elevate their privileges in guest systems. No further details were given.
While all product lines are generally affected, the flaw is no longer contained in the current Workstation and Player versions. All of the ESX and ESXi servers are still vulnerable. In addition, ESXi 3.5 and ESX 3.5 contain a directory traversal hole. The patches for the respective versions can be found in the vendor's original report.
See also:
- VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues, report by VMware
(djwm)