SUSE-SU-2022:2986-1

Опубликовано: 01 сент. 2022

Источник: suse-cvrf

Описание

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues:

CVE-2022-31676: Fixed an issue that could allow unprivileged users inside a virtual machine to escalate privileges (bsc#1202657).

Список пакетов

SUSE Enterprise Storage 6

libvmtools-devel-11.3.5-150100.4.37.13.1

libvmtools0-11.3.5-150100.4.37.13.1

open-vm-tools-11.3.5-150100.4.37.13.1

open-vm-tools-desktop-11.3.5-150100.4.37.13.1

open-vm-tools-sdmp-11.3.5-150100.4.37.13.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

libvmtools-devel-11.3.5-150100.4.37.13.1

libvmtools0-11.3.5-150100.4.37.13.1

open-vm-tools-11.3.5-150100.4.37.13.1

open-vm-tools-desktop-11.3.5-150100.4.37.13.1

open-vm-tools-sdmp-11.3.5-150100.4.37.13.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libvmtools-devel-11.3.5-150100.4.37.13.1

libvmtools0-11.3.5-150100.4.37.13.1

open-vm-tools-11.3.5-150100.4.37.13.1

open-vm-tools-desktop-11.3.5-150100.4.37.13.1

open-vm-tools-sdmp-11.3.5-150100.4.37.13.1

SUSE Linux Enterprise Server 15 SP1-BCL

libvmtools-devel-11.3.5-150100.4.37.13.1

libvmtools0-11.3.5-150100.4.37.13.1

open-vm-tools-11.3.5-150100.4.37.13.1

open-vm-tools-desktop-11.3.5-150100.4.37.13.1

open-vm-tools-sdmp-11.3.5-150100.4.37.13.1

SUSE Linux Enterprise Server 15 SP1-LTSS

libvmtools-devel-11.3.5-150100.4.37.13.1

libvmtools0-11.3.5-150100.4.37.13.1

open-vm-tools-11.3.5-150100.4.37.13.1

open-vm-tools-desktop-11.3.5-150100.4.37.13.1

open-vm-tools-sdmp-11.3.5-150100.4.37.13.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

libvmtools-devel-11.3.5-150100.4.37.13.1

libvmtools0-11.3.5-150100.4.37.13.1

open-vm-tools-11.3.5-150100.4.37.13.1

open-vm-tools-desktop-11.3.5-150100.4.37.13.1

open-vm-tools-sdmp-11.3.5-150100.4.37.13.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222986-1/
Link for SUSE-SU-2022:2986-1
https://lists.suse.com/pipermail/sle-security-updates/2022-September/012049.html
E-Mail link for SUSE-SU-2022:2986-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1202657
SUSE Bug 1202657
https://www.suse.com/security/cve/CVE-2022-31676/
SUSE CVE CVE-2022-31676 page

Описание

VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

Затронутые продукты

SUSE Enterprise Storage 6:libvmtools-devel-11.3.5-150100.4.37.13.1

SUSE Enterprise Storage 6:libvmtools0-11.3.5-150100.4.37.13.1

SUSE Enterprise Storage 6:open-vm-tools-11.3.5-150100.4.37.13.1

SUSE Enterprise Storage 6:open-vm-tools-desktop-11.3.5-150100.4.37.13.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-31676.html
CVE-2022-31676
https://bugzilla.suse.com/1202657
SUSE Bug 1202657
https://bugzilla.suse.com/1202733
SUSE Bug 1202733
https://bugzilla.suse.com/1202834
SUSE Bug 1202834
https://bugzilla.suse.com/1202995
SUSE Bug 1202995
https://bugzilla.suse.com/1204044
SUSE Bug 1204044
https://bugzilla.suse.com/1205471
SUSE Bug 1205471

SUSE-SU-2022:2986-1

Описание

Список пакетов

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

Ссылки

Уязвимость: CVE-2022-31676

Описание

Затронутые продукты

Ссылки