open-vm-tools-11.3.5-1.el8.1.ML.1

エラータID: AXSA:2022-3807:02

Release date: 
Wednesday, September 7, 2022 - 07:22
Subject: 
open-vm-tools-11.3.5-1.el8.1.ML.1
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.

Security Fix(es):

* open-vm-tools: local root privilege escalation in the virtual machine (CVE-2022-31676)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-31676
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. open-vm-tools-11.3.5-1.el8.1.ML.1.src.rpm
    MD5: 165a2fbda693bbe023a7634bf4d44ec8
    SHA-256: b7efb44ff4ee429d007d2f94093c24b41a4b7485858f3e965d05ea9a332f9305
    Size: 4.03 MB

Asianux Server 8 for x86_64
  1. open-vm-tools-11.3.5-1.el8.1.ML.1.x86_64.rpm
    MD5: 859568921ea5fdc9b5d8d7e9e336299e
    SHA-256: 9347e35089c577e84a24cab7ed6116bb282efb29060599a2939211b4b13378a8
    Size: 860.89 kB
  2. open-vm-tools-desktop-11.3.5-1.el8.1.ML.1.x86_64.rpm
    MD5: 7f22dddbbe1c6d2af6b30f013f830fb2
    SHA-256: 1a77efba0a39154eca9fa53aeef4d871f56cab7592d02c40f9222f963858f076
    Size: 200.23 kB
  3. open-vm-tools-sdmp-11.3.5-1.el8.1.ML.1.x86_64.rpm
    MD5: e2e7651ca85476036ddc637173e153ff
    SHA-256: 26d25fd05b965f83d0eed4d230985bb8ba3314420ceb2279d64333827b9b5c23
    Size: 39.55 kB