Описание
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues:
- CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module (bsc#1212143).
Bug fixes:
- Fixed build problem with grpc 1.54 (bsc#1210695).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
libvmtools0-12.2.0-4.53.1
open-vm-tools-12.2.0-4.53.1
open-vm-tools-desktop-12.2.0-4.53.1
open-vm-tools-salt-minion-12.2.0-4.53.1
open-vm-tools-sdmp-12.2.0-4.53.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libvmtools0-12.2.0-4.53.1
open-vm-tools-12.2.0-4.53.1
open-vm-tools-desktop-12.2.0-4.53.1
open-vm-tools-salt-minion-12.2.0-4.53.1
open-vm-tools-sdmp-12.2.0-4.53.1
Ссылки
- Link for SUSE-SU-2023:2530-1
- E-Mail link for SUSE-SU-2023:2530-1
- SUSE Security Ratings
- SUSE Bug 1210695
- SUSE Bug 1212143
- SUSE CVE CVE-2023-20867 page
Описание
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libvmtools0-12.2.0-4.53.1
SUSE Linux Enterprise Server 12 SP5:open-vm-tools-12.2.0-4.53.1
SUSE Linux Enterprise Server 12 SP5:open-vm-tools-desktop-12.2.0-4.53.1
SUSE Linux Enterprise Server 12 SP5:open-vm-tools-salt-minion-12.2.0-4.53.1
Ссылки
- CVE-2023-20867
- SUSE Bug 1212143
- SUSE Bug 1214402