open-vm-tools-12.2.5-3.el8.1.ML.1
エラータID: AXSA:2024-7375:01
リリース日:
2024/01/11 Thursday - 11:04
題名:
open-vm-tools-12.2.5-3.el8.1.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- open-vm-tools には、攻撃対象の仮想マシンに、より権限の強い
ゲストエイリアスが割り当てられている環境下で SAML トークン
署名による認証を迂回できてしまう問題があるため、仮想マシン
の操作が可能な攻撃者により、権限の昇格を可能とする脆弱性が
存在します。(CVE-2023-34058)
- open-vm-tools の vmware-user-suid-wrapper には、ファイル
ディスクリプタを奪取できてしまう問題があるため、ローカル
の攻撃者により、/dev/uinput ファイルの奪取を介して、ユーザー
の操作の漏洩やシミュレートを可能とする脆弱性が存在します。
(CVE-2023-34059)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
CVE-2023-34059
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
追加情報:
N/A
ダウンロード:
SRPMS
- open-vm-tools-12.2.5-3.el8.1.ML.1.src.rpm
MD5: 17917fba9393bb6cfe0b3eb29aec0bbb
SHA-256: 345c2f6b707b50f67bd652a86a8e5497378b46c3ca41f69d6b27b65415307c4c
Size: 4.17 MB
Asianux Server 8 for x86_64
- open-vm-tools-12.2.5-3.el8.1.ML.1.x86_64.rpm
MD5: 5466a153172820d42c14176ff8060a60
SHA-256: 642cc1749d065d932a7b650e4c8b662d21ce080148d38befcb7c10aab1cd0260
Size: 880.95 kB - open-vm-tools-desktop-12.2.5-3.el8.1.ML.1.x86_64.rpm
MD5: 749b853ca152b729e3723a4e484f2319
SHA-256: 8684e8dbbcf2100ef9b73f4dda004c1234827f1e09a26936cb758d2207d6284a
Size: 202.40 kB - open-vm-tools-salt-minion-12.2.5-3.el8.1.ML.1.x86_64.rpm
MD5: 9fa7ba947bab4fa549dbe342f47cbb57
SHA-256: 5cd35bdb3667901cb3ec9dd62a432e7de08cc9724e29745c28c0024a823c6015
Size: 42.37 kB - open-vm-tools-sdmp-12.2.5-3.el8.1.ML.1.x86_64.rpm
MD5: 8196778963c2ef454eb3a25226f7917e
SHA-256: 64373c0432da9cfe1b509b9a93e534b923122c6378e0f40bbc92d43ecb790b82
Size: 43.32 kB
English