Alerts This Week
Warning Icon 1 1,146
Alerts This Week
Warning Icon 1 1,146

Ubuntu 14.04 LTS Security Advisory USN-7714-1 Open VM Tools Critical Fixes

ubuntu
Calendar Grey August 31, 2025
Dist Ubuntu Esm H88
The vulnerabilities in Open VM Tools on Ubuntu 14.04 LTS have been patched. Ensure you update your system to safeguard against potential local exploitation.
Several security issues were fixed in Open VM Tools.

Summary

Several security issues were fixed in Open VM Tools.

Software Description:

- open-vm-tools: Open VMware Tools for virtual machines hosted on VMware

Details:

Matthias Gerstner discovered that Open VM Tools incorrectly handled file

descriptors when dropping privileges. A local attacker could possibly use

this issue to hijack /dev/uinput and simulate user inputs. (CVE-2023-34059)

Dolev Farhi discovered that Open VM Tools incorrectly handled certain file

permissions. A local attacker could possibly use this issue to setup a

symlink

attack and override files without authorization. (CVE-2014-4199)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS
  open-vm-tools                   2:9.4.0-1280544-5ubuntu6.4+esm1
                                  Available with Ubuntu Pro
  open-vm-tools-desktop           2:9.4.0-1280544-5ubuntu6.4+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7714-1

CVE-2014-4199, CVE-2023-34059

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7714-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here