CVE-2023-34059

Related Files

Ubuntu Security Notice USN-6463-2

Posted Dec 7, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6463-2 - USN-6463-1 fixed vulnerabilities in Open VM Tools. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker with Guest Operations privileges could possibly use this issue to elevate their privileges.

tags | advisory, remote, vulnerability

systems | linux, ubuntu

advisories | CVE-2023-34058, CVE-2023-34059

SHA-256 | 539ac70bca3ea1e9964c520e718612b18a18216724e5f7d39c2a37c57be262c1

Download | Favorite | View

Debian Security Advisory 5543-1

Posted Nov 13, 2023

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5543-1 - Two security issues have been discovered in the Open VMware Tools, which could result in privilege escalation.

tags | advisory

systems | linux, debian

advisories | CVE-2023-34058, CVE-2023-34059

SHA-256 | c7cd6edc99b5ce7844173fe4d604a48697cb21e1fdd4652f16343b8de2a04955

Download | Favorite | View

Ubuntu Security Notice USN-6463-1

Posted Nov 13, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6463-1 - It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker Guest Operations privileges could possibly use this issue to escalate privileges. Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A local attacker could possibly use this issue to hijack /dev/uinput and simulate user inputs.

tags | advisory, remote, local

systems | linux, ubuntu

advisories | CVE-2023-34058, CVE-2023-34059

SHA-256 | a4da15fc219bf81c75561d0fc1ba953d4a02dafa38a0ac2d8968573aed6c9a0c

Download | Favorite | View