Описание
ELSA-2022-6381: open-vm-tools security update (IMPORTANT)
[11.0.5-3.0.1]
- fix spaces in vmware udev rule for scsi devices [Orabug: 24461968]
- Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. [Orabug: 22815019]
- Increase timeout for scsi devices on VMWare guests by adding a udev rule.
- Created a new file 99-vmware-scsi-timeout.rules
- Modified spec file to install this new file. [Orabug: 21819156]
[11.0.5-3.el7_9.4]
- ovt-Properly-check-authorization-on-incoming-guestOps-re.patch [bz#2119310]
- Resolves: bz#2119310 (CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine [rhel-7.9.z])
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
open-vm-tools
11.0.5-3.0.1.el7_9.4
open-vm-tools-desktop
11.0.5-3.0.1.el7_9.4
open-vm-tools-devel
11.0.5-3.0.1.el7_9.4
open-vm-tools-test
11.0.5-3.0.1.el7_9.4
Связанные CVE
Связанные уязвимости
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege es ...
