Fedora 39: FEDORA-2023-86a50ffc72 Critical: Open-VM-Tools Security Update
fedora
November 8, 2023
Security fixes for CVE-2023-34058 and CVE-2023-34059
Summary
The open-vm-tools project is an open source implementation of VMware Tools. It
is a suite of open source virtualization utilities and drivers to improve the
functionality, user experience and administration of VMware virtual machines.
This package contains only the core user-space programs and libraries of
open-vm-tools.
Update Information:
Security fixes for CVE-2023-34058 and CVE-2023-34059
Change Log
* Mon Oct 30 2023 John Wolfe
References
[ 1 ] Bug #2246080 - CVE-2023-34058 open-vm-tools: SAML token signature bypass
https://bugzilla.redhat.com/show_bug.cgi?id=2246080
[ 2 ] Bug #2246096 - CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper
https://bugzilla.redhat.com/show_bug.cgi?id=2246096
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-86a50ffc72' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: open-vm-tools
Product: Fedora 39
Version: 12.3.0
Release: 3.fc39
Summary: Open Virtual Machine Tools for virtual machines hosted on VMware
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!