Branch c9f2 update bulletin.

Package open-vm-tools updated to version 12.3.5-alt0.c9.1 for branch c9f2 in task 338423.

Published: 2023-06-13

BDU:2023-03162

Уязвимость модуля vgauth компонента VMware Tools гипервизора VMware ESXi, позволяющая нарушителю оказать влияние на конфиденциальность и целостность защищаемой информации

References:

Published: 2023-08-31

BDU:2023-05064

Уязвимость набора утилит VMware Tools, связанная с возможностью обхода подписи SAML-токена, позволяющая нарушителю повысить свои привилегии

Severity: HIGH (7.5) Vector: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2023-10-26

BDU:2023-07234

Уязвимость набора утилит VMware Tools для операционных систем Windows, связанная с недостатками процедуры авторизации, позволяющая нарушителю повысить свои привилегии

Severity: HIGH (7.5) Vector: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2022-11-30
Modified: 2024-11-21

CVE-2021-31693

The 10Web Photo Gallery plugin through 1.5.68 for WordPress allows XSS via album_gallery_id_0, bwg_album_search_0, and type_0 for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-46889. NOTE: VMware information, previously connected to this CVE ID because of a typo, is at CVE-2022-31693.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References:

Published: 2023-06-13
Modified: 2025-03-08

CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

References:

Published: 2023-08-31
Modified: 2024-11-21

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2023-10-27
Modified: 2025-03-06

CVE-2023-34058

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2023-10-27
Modified: 2025-03-06

CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Миграция на /run и /run/lock

Version: 2.1.0

Branch c9f2 update on 2024-01-25

ALT-BU-2024-1371-1

ALT-PU-2024-1233-3

Closed vulnerabilities

BDU:2023-03162

BDU:2023-05064

BDU:2023-07234

CVE-2021-31693

CVE-2023-20867

CVE-2023-20900

CVE-2023-34058

CVE-2023-34059

Closed bugs

Bug #35890