open-vm-tools-12.3.5-2.el8_10.1
エラータID: AXSA:2025-10966:03
リリース日:
2025/10/16 Thursday - 14:03
題名:
open-vm-tools-12.3.5-2.el8_10.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- open-vm-tools には、ローカルの攻撃者により、SDMP が有効化
された Aria Operations によって管理されている仮想マシンへの
アクセスを介して、特権の昇格を可能とする脆弱性が存在します。
(CVE-2025-41244)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-41244
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
追加情報:
N/A
ダウンロード:
SRPMS
- open-vm-tools-12.3.5-2.el8_10.1.src.rpm
MD5: 2642ff9a70eee9e540cfdb60ea8d1d88
SHA-256: e973e959bbe3889aee3ff2d70e894a927f4d8acbab262be1a8ca263ce7df3386
Size: 4.16 MB
Asianux Server 8 for x86_64
- open-vm-tools-12.3.5-2.el8_10.1.x86_64.rpm
MD5: b46e3746a3bddf60c8dffae4898a7ba8
SHA-256: 8e20675fc8c48cadb80a70ae25dbc33cdbeec0ba0d8eee67e2acfbd3f08e2282
Size: 883.16 kB - open-vm-tools-desktop-12.3.5-2.el8_10.1.x86_64.rpm
MD5: 13e8d0a53dc38ea0546864f34ddb892b
SHA-256: c93b92b8b9ec9df4c0b9939f3e4825d0d8d37c8ecc95d13ccc154f21ba54eeb4
Size: 203.05 kB - open-vm-tools-salt-minion-12.3.5-2.el8_10.1.x86_64.rpm
MD5: 7d7a1f5fd11b45c3f16c294340b97889
SHA-256: 5aec4a57211f189c371ce720ae88811595ca462485e3ce52f30115ca4eb7c6a1
Size: 45.51 kB - open-vm-tools-sdmp-12.3.5-2.el8_10.1.x86_64.rpm
MD5: 4ee33751ea12d72396b3b91fa7961a4f
SHA-256: 3fc65f2a856cceb976099b6b6139dfdc0b0b578128d24c109efd95e3c7a765fc
Size: 44.12 kB
English