Описание
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues:
- CVE-2022-31676: Fixed an issue that could allow unprivileged users inside a virtual machine to escalate privileges (bsc#1202657).
Список пакетов
SUSE Enterprise Storage 7
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
SUSE Linux Enterprise Server 15 SP2-BCL
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
SUSE Manager Proxy 4.1
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
SUSE Manager Retail Branch Server 4.1
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
SUSE Manager Server 4.1
libvmtools-devel-11.3.5-150200.5.16.11.1
libvmtools0-11.3.5-150200.5.16.11.1
open-vm-tools-11.3.5-150200.5.16.11.1
open-vm-tools-desktop-11.3.5-150200.5.16.11.1
open-vm-tools-sdmp-11.3.5-150200.5.16.11.1
Ссылки
- Link for SUSE-SU-2022:2985-1
- E-Mail link for SUSE-SU-2022:2985-1
- SUSE Security Ratings
- SUSE Bug 1202657
- SUSE CVE CVE-2022-31676 page
Описание
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
Затронутые продукты
SUSE Enterprise Storage 7:libvmtools-devel-11.3.5-150200.5.16.11.1
SUSE Enterprise Storage 7:libvmtools0-11.3.5-150200.5.16.11.1
SUSE Enterprise Storage 7:open-vm-tools-11.3.5-150200.5.16.11.1
SUSE Enterprise Storage 7:open-vm-tools-desktop-11.3.5-150200.5.16.11.1
Ссылки
- CVE-2022-31676
- SUSE Bug 1202657
- SUSE Bug 1202733
- SUSE Bug 1202834
- SUSE Bug 1202995
- SUSE Bug 1204044
- SUSE Bug 1205471