Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-4921

VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure library loading issue that occurs due to the use of LD_LIBRARY_PATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation.

Related bugs and status

CVE-2017-4921 (Candidate) is related to these bugs:

Bug #1741390: Please backport open-vm-tools 2:10.2.0-3 (main) from bionic

		In	Importance	Status
1741390	Please backport open-vm-tools 2:10.2.0-3 (main) from bionic	open-vm-tools (Ubuntu)	High	Fix Released
1741390	Please backport open-vm-tools 2:10.2.0-3 (main) from bionic	open-vm-tools (Ubuntu Xenial)	High	Fix Released
1741390	Please backport open-vm-tools 2:10.2.0-3 (main) from bionic	open-vm-tools (Ubuntu Artful)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://www.vmware.com...
BID: 100006
SECTRACK: 1039013