PT-2017-6828 · Vmware+1 · Vmware Tools+1

Publicado

2017-03-15

Atualizado

2024-06-15

CVE-2015-5191

CVSS v3.1

6.7

Média

Vetor

AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions VMware Tools versions prior to 10.0.9

Description The issue is related to multiple file system races in libDeployPkg, which uses hard-coded paths under /tmp. This could potentially lead to a local privilege escalation if successfully exploited.

Recommendations For versions prior to 10.0.9, update to version 10.0.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the /tmp directory to minimize the risk of exploitation.

Correção

LPE

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

CVE-2015-5191

MGASA-2017-0354

OPENSUSE-SU-2024:10475-1

SUSE-SU-2017:0701-1

SUSE-SU-2017:0702-1

SUSE-SU-2017:0705-1

SUSE-SU-2017_0701-1

SUSE-SU-2017_0702-1

SUSE-SU-2017_0705-1

Produtos afetados

Suse

Vmware Tools

PT-2017-6828 · Vmware+1 · Vmware Tools+1

CVE-2015-5191

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 42