VMware Workstation Use-After-Free Arbitrary Code Execution Vulnerability
A vulnerability in VMware Workstation could allow an authenticated, remote attacker to execute arbitrary code on a targeted Linux host system.
The vulnerability is due to a use-after-free condition that exists in the Advanced Linux Sound Architecture (ALSA) backend of the affected software. An attacker on a guest system could exploit this vulnerability by sending a request that submits malicious input to the targeted host system. A successful exploit could allow the attacker to execute arbitrary code on the host system.
VMware has confirmed the vulnerability and released software updates.
Security Impact Rating: High