open-vm-tools-11.0.5-3.el7.4

エラータID: AXSA:2022-3809:03

Release date: 
Wednesday, September 7, 2022 - 16:51
Subject: 
open-vm-tools-11.0.5-3.el7.4
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.

Security Fix(es):

* open-vm-tools: local root privilege escalation in the virtual machine (CVE-2022-31676)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-31676
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

Solution: 

Update packages.

CVEs: 
CVE-2022-31676
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
Additional Info: 

N/A

Download: 

SRPMS
  1. open-vm-tools-11.0.5-3.el7.4.src.rpm
    MD5: 0f197e5f42068601f82da27fdabaf5b2
    SHA-256: 186a6ed56173268c43fa184311d610133fa8518588e0109a722c91a9cf186e10
    Size: 3.81 MB

Asianux Server 7 for x86_64
  1. open-vm-tools-11.0.5-3.el7.4.x86_64.rpm
    MD5: 4a4a104019674db63746855ad4ed2761
    SHA-256: 26b98827cac7e9ef94419b3b01e91f36ef2f729fa209820421e07a79c130ccc3
    Size: 675.42 kB
  2. open-vm-tools-desktop-11.0.5-3.el7.4.x86_64.rpm
    MD5: 5634a1d4d15bdaf49523a7345cc94263
    SHA-256: fef68a64da23ba87a7927d5893bbf3761dbb53db835a6eec206a58eeb532fbba
    Size: 178.23 kB