Описание
ELSA-2025-17509: open-vm-tools security update (IMPORTANT)
[12.3.5-2.0.1.el8.1]
- Fix spaces in vmware udev rule for scsi devices [Orabug: 24461968]
- Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. [Orabug: 22815019]
- Increase timeout for scsi devices on VMWare guests by adding a udev rule. [Orabug: 21819156]
[12.3.5-2.el8.1]
- ovt-SDMP-Service-Discovery-Plugin.patch [RHEL-117388]
- Resolves: RHEL-117388 ([CISA Major Incident] CVE-2025-41244 open-vm-tools: Local privilege escalation in open-vm-tools [rhel-8.10.z])
[12.3.5-2]
- ovt-Restart-tools-on-failure.patch [RHEL-17683]
- Resolves: RHEL-17683 (Add Restart=on-failure to vmtoolsd.service [rhel-8])
Обновленные пакеты
Oracle Linux 8
Oracle Linux x86_64
open-vm-tools
12.3.5-2.0.1.el8_10.1
open-vm-tools-desktop
12.3.5-2.0.1.el8_10.1
open-vm-tools-salt-minion
12.3.5-2.0.1.el8_10.1
open-vm-tools-sdmp
12.3.5-2.0.1.el8_10.1
Связанные CVE
Связанные уязвимости
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
VMware Aria Operations and VMware Tools contain a local privilege esca ...
