open-vm-tools-12.2.5-3.el8.1.ML.1

エラータID: AXSA:2024-7375:01

Release date: 
Thursday, January 11, 2024 - 11:04
Subject: 
open-vm-tools-12.2.5-3.el8.1.ML.1
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.

Security Fix(es):

* open-vm-tools: SAML token signature bypass (CVE-2023-34058)
* open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper (CVE-2023-34059)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A95...  in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479... .
CVE-2023-34059
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

Solution: 

Update packages.

CVEs: 
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
CVE-2023-34059
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
Additional Info: 

N/A

Download: 

SRPMS
  1. open-vm-tools-12.2.5-3.el8.1.ML.1.src.rpm
    MD5: 17917fba9393bb6cfe0b3eb29aec0bbb
    SHA-256: 345c2f6b707b50f67bd652a86a8e5497378b46c3ca41f69d6b27b65415307c4c
    Size: 4.17 MB

Asianux Server 8 for x86_64
  1. open-vm-tools-12.2.5-3.el8.1.ML.1.x86_64.rpm
    MD5: 5466a153172820d42c14176ff8060a60
    SHA-256: 642cc1749d065d932a7b650e4c8b662d21ce080148d38befcb7c10aab1cd0260
    Size: 880.95 kB
  2. open-vm-tools-desktop-12.2.5-3.el8.1.ML.1.x86_64.rpm
    MD5: 749b853ca152b729e3723a4e484f2319
    SHA-256: 8684e8dbbcf2100ef9b73f4dda004c1234827f1e09a26936cb758d2207d6284a
    Size: 202.40 kB
  3. open-vm-tools-salt-minion-12.2.5-3.el8.1.ML.1.x86_64.rpm
    MD5: 9fa7ba947bab4fa549dbe342f47cbb57
    SHA-256: 5cd35bdb3667901cb3ec9dd62a432e7de08cc9724e29745c28c0024a823c6015
    Size: 42.37 kB
  4. open-vm-tools-sdmp-12.2.5-3.el8.1.ML.1.x86_64.rpm
    MD5: 8196778963c2ef454eb3a25226f7917e
    SHA-256: 64373c0432da9cfe1b509b9a93e534b923122c6378e0f40bbc92d43ecb790b82
    Size: 43.32 kB