[CLSA-2025:1750444475] open-vm-tools: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2025-06-20 18:34:40 UTC
Description:
- CVE-2023-34058: don't accept tokens with unrelated certs - CVE-2023-34059: fix file descriptor vuln by moving privilege drop from suidWrapper to vmtoolsd
Updated packages:
  • open-vm-tools-12.1.5-1.el9.3.alma.1.tuxcare.els1.x86_64.rpm
    sha:283b1f166442463e710b56454ecc6630936b89060b6825d2cca39be9221bad6f
  • open-vm-tools-desktop-12.1.5-1.el9.3.alma.1.tuxcare.els1.x86_64.rpm
    sha:b3488acb3d9ec31a1049fdc96a88fd3002284a3e19d6ef346fed6439b1384491
  • open-vm-tools-devel-12.1.5-1.el9.3.alma.1.tuxcare.els1.x86_64.rpm
    sha:27149fdf5558763f8e2a9ce7a68c3c582ce78c3d950403ece3ac51e52cfa0174
  • open-vm-tools-salt-minion-12.1.5-1.el9.3.alma.1.tuxcare.els1.x86_64.rpm
    sha:575721cb258280d1262af0e422d9e0b32b07b6f314e880dd707c501a28ca72f1
  • open-vm-tools-sdmp-12.1.5-1.el9.3.alma.1.tuxcare.els1.x86_64.rpm
    sha:a9d14227ea5a395c7fff0bd474d52c5ca3e01189b9bd6f58d6a68d59db61db12
  • open-vm-tools-test-12.1.5-1.el9.3.alma.1.tuxcare.els1.x86_64.rpm
    sha:5f22df3cefda4b9599c0bfdaa9735a6a0b4a2a256a6282d6630cf24f0d4b5f3c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.