Launchpad.net

CVE 2017-4945

VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstation 14.1.0 and Fusion 10.1.0 by default.

Related bugs and status

CVE-2017-4945 (Candidate) is related to these bugs:

Bug #1741390: Please backport open-vm-tools 2:10.2.0-3 (main) from bionic

		In	Importance	Status
1741390	Please backport open-vm-tools 2:10.2.0-3 (main) from bionic	open-vm-tools (Ubuntu)	High	Fix Released
1741390	Please backport open-vm-tools 2:10.2.0-3 (main) from bionic	open-vm-tools (Ubuntu Xenial)	High	Fix Released
1741390	Please backport open-vm-tools 2:10.2.0-3 (main) from bionic	open-vm-tools (Ubuntu Artful)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://www.vmware.com...
SECTRACK: 1040109
BID: 102441
SECTRACK: 1040136