ELSA-2023-7265

ULN >
Oracle Linux Errata repository >
ELSA-2023-7265

ELSA-2023-7265 - open-vm-tools security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-11-21

Description

[12.2.5-3.0.1.1]
- Fix CVE-2023-34058 open-vm-tools: SAML token signature bypass
- Fix CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

Related CVEs

CVE-2023-34058

CVE-2023-34059

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	open-vm-tools-12.2.5-3.0.1.el8_9.1.src.rpm	f59500b0182286be3939a7535874a1f9e291acf2d2999a2e338c7a8b0cbbe128	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	open-vm-tools-12.2.5-3.0.1.el8_9.1.src.rpm	f59500b0182286be3939a7535874a1f9e291acf2d2999a2e338c7a8b0cbbe128	-	ol8_x86_64_appstream
	open-vm-tools-12.2.5-3.0.1.el8_9.1.x86_64.rpm	d3e61d9344bd94a9047f04b9b609a2e84eb5fbfc829b44cca1c859b651c27b11	-	ol8_x86_64_appstream
	open-vm-tools-desktop-12.2.5-3.0.1.el8_9.1.x86_64.rpm	11b160eb3cd04bf1c920996cc196b309ab54e7981f7918bda9df64d5d598d9d7	-	ol8_x86_64_appstream
	open-vm-tools-salt-minion-12.2.5-3.0.1.el8_9.1.x86_64.rpm	7683e48da0ad5fa9bd2b705921486215889336968da1072c5474b58255128d5e	-	ol8_x86_64_appstream
	open-vm-tools-sdmp-12.2.5-3.0.1.el8_9.1.x86_64.rpm	373f6e34bd0c64a9458a54464ca94b67f80bfd1c9c5f93b89c3edc63cb6c50a7	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691