Описание
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues:
- CVE-2025-41244: local privilege escalation via the Service Discovery Plugin (bsc#1250373).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
libvmtools-devel-13.0.0-150600.3.18.1
libvmtools0-13.0.0-150600.3.18.1
open-vm-tools-13.0.0-150600.3.18.1
open-vm-tools-salt-minion-13.0.0-150600.3.18.1
open-vm-tools-sdmp-13.0.0-150600.3.18.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
libvmtools-devel-13.0.0-150600.3.18.1
libvmtools0-13.0.0-150600.3.18.1
open-vm-tools-13.0.0-150600.3.18.1
open-vm-tools-salt-minion-13.0.0-150600.3.18.1
open-vm-tools-sdmp-13.0.0-150600.3.18.1
SUSE Linux Enterprise Module for Containers 15 SP6
open-vm-tools-containerinfo-13.0.0-150600.3.18.1
SUSE Linux Enterprise Module for Containers 15 SP7
open-vm-tools-containerinfo-13.0.0-150600.3.18.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
open-vm-tools-desktop-13.0.0-150600.3.18.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP7
open-vm-tools-desktop-13.0.0-150600.3.18.1
openSUSE Leap 15.6
libvmtools-devel-13.0.0-150600.3.18.1
libvmtools0-13.0.0-150600.3.18.1
open-vm-tools-13.0.0-150600.3.18.1
open-vm-tools-containerinfo-13.0.0-150600.3.18.1
open-vm-tools-desktop-13.0.0-150600.3.18.1
open-vm-tools-salt-minion-13.0.0-150600.3.18.1
open-vm-tools-sdmp-13.0.0-150600.3.18.1
Ссылки
- Link for SUSE-SU-2025:03434-1
- E-Mail link for SUSE-SU-2025:03434-1
- SUSE Security Ratings
- SUSE Bug 1250373
- SUSE CVE CVE-2025-41244 page
Описание
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:libvmtools-devel-13.0.0-150600.3.18.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libvmtools0-13.0.0-150600.3.18.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:open-vm-tools-13.0.0-150600.3.18.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:open-vm-tools-salt-minion-13.0.0-150600.3.18.1
Ссылки
- CVE-2025-41244
- SUSE Bug 1250373