Description of Problem
A vulnerability has been identified in Citrix Workspace app for Linux that could result in a local user elevating their privilege level to root on the computer running Citrix Workspace app for Linux.
The vulnerability has the following identifier:
CVE ID |
Description |
Vulnerability Type |
Pre-conditions |
CVE-2022-21825 |
Local privilege Escalation |
CWE-284: Improper Access Control |
Local user access to a system where Citrix Workspace App for Linux has been installed with App Protection. |
This vulnerability only affects Citrix Workspace app for Linux 2012 - 2111 and only exists if App Protection was installed as part of Citrix Workspace app for Linux. This vulnerability does not exist if App Protection is not installed.
Citrix Workspace app for other platforms is not affected by this issue.
What Customers Should Do
This issue has been addressed in the following versions of Citrix Workspace app for Linux:
-
Citrix Workspace App for Linux 2112 and later versions
Citrix strongly recommends that affected customers upgrade to a fixed version as soon as possible.
The latest version of Citrix Workspace app for Linux is available from the following Citrix website location:
Acknowledgements
What Citrix is Doing
Obtaining Support on This Issue
Subscribe to Receive Alerts
Reporting Security Vulnerabilities to Citrix
Disclaimer
Changelog
Date | Change |
2022-01-11 | Initial Publication |