Описание
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues:
- CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module (bsc#1212143).
Bug fixes:
- Fixed build problem with grpc 1.54 (bsc#1210695).
Список пакетов
Container suse/sle-micro-rancher/5.2:latest
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
Container suse/sle-micro-rancher/5.3:latest
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
Container suse/sle-micro-rancher/5.4:latest
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
Container suse/sle-micro/5.5:latest
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
Image SLES15-SP4-CHOST-BYOS-SAP-CCloud
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
Image SLES15-SP5-CHOST-BYOS-SAP-CCloud
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
SUSE Enterprise Storage 7.1
libvmtools-devel-12.2.0-150300.29.1
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
open-vm-tools-desktop-12.2.0-150300.29.1
open-vm-tools-salt-minion-12.2.0-150300.29.1
open-vm-tools-sdmp-12.2.0-150300.29.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libvmtools-devel-12.2.0-150300.29.1
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
open-vm-tools-desktop-12.2.0-150300.29.1
open-vm-tools-salt-minion-12.2.0-150300.29.1
open-vm-tools-sdmp-12.2.0-150300.29.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libvmtools-devel-12.2.0-150300.29.1
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
open-vm-tools-desktop-12.2.0-150300.29.1
open-vm-tools-sdmp-12.2.0-150300.29.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libvmtools-devel-12.2.0-150300.29.1
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
open-vm-tools-desktop-12.2.0-150300.29.1
open-vm-tools-salt-minion-12.2.0-150300.29.1
open-vm-tools-sdmp-12.2.0-150300.29.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libvmtools-devel-12.2.0-150300.29.1
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
open-vm-tools-desktop-12.2.0-150300.29.1
open-vm-tools-sdmp-12.2.0-150300.29.1
SUSE Manager Proxy 4.2
libvmtools-devel-12.2.0-150300.29.1
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
open-vm-tools-sdmp-12.2.0-150300.29.1
SUSE Manager Server 4.2
libvmtools-devel-12.2.0-150300.29.1
libvmtools0-12.2.0-150300.29.1
open-vm-tools-12.2.0-150300.29.1
open-vm-tools-sdmp-12.2.0-150300.29.1
Ссылки
- Link for SUSE-SU-2023:2604-2
- E-Mail link for SUSE-SU-2023:2604-2
- SUSE Security Ratings
- SUSE Bug 1210695
- SUSE Bug 1212143
- SUSE CVE CVE-2023-20867 page
Описание
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
Затронутые продукты
Container suse/sle-micro-rancher/5.2:latest:libvmtools0-12.2.0-150300.29.1
Container suse/sle-micro-rancher/5.2:latest:open-vm-tools-12.2.0-150300.29.1
Container suse/sle-micro-rancher/5.3:latest:libvmtools0-12.2.0-150300.29.1
Container suse/sle-micro-rancher/5.3:latest:open-vm-tools-12.2.0-150300.29.1
Ссылки
- CVE-2023-20867
- SUSE Bug 1212143
- SUSE Bug 1214402