| Summary: | app-emulation/vmware-* privilege escalation from guest (CVE-2008-4279) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | normal | CC: | vmware+disabled |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | B3 [stable] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Stefan Behte (RETIRED)
2008-10-10 20:02:59 UTC
You cannot run an amd64 guest on x86, so this only affects amd64. We have in tree: app-emulation/vmware-workstation-5.5.7.91707 (amd64) app-emulation/vmware-workstation-5.5.8.108000 (~amd64) app-emulation/vmware-workstation-6.0.4.93057 (~amd64) app-emulation/vmware-workstation-6.0.5.109488 (~amd64) app-emulation/vmware-server-1.0.5.80187 (amd64) app-emulation/vmware-server-1.0.6.91891 (amd64) app-emulation/vmware-server-1.0.7.108231 (~amd64) app-emulation/vmware-player-1.0.7.91707 (amd64) app-emulation/vmware-player-1.0.8.108000 (~amd64) app-emulation/vmware-player-2.0.4.93057 (~amd64) app-emulation/vmware-player-2.0.5.109488 (~amd64) I guess we should mask the old ones. I gave this one B3 because VMs are often used for security purposes and it would have severe consequences if one could escape one VM and control all others. I think this can probably be rolled into bug 236167, which seems to be stalled (although I've added everything necessary to the tree, as far as I'm aware)... OK! *** This bug has been marked as a duplicate of bug 236167 *** |