From security at unicamp.br Wed Aug 24 10:14:49 2022
From: security at unicamp.br (CSIRT Unicamp)
Date: Wed, 24 Aug 2022 10:14:49 -0300
Subject: [SECURITY-L] VMware Tools was impacted by a local privilege escalation vulnerability

Dear all,

Good morning. Below is a notification about vulnerabilities in VMware Tools.

Advisory ID: VMSA-2022-0024
CVSSv3 Range: 7.0
Issue Date: 2022-08-23
Updated On: 2022-08-23 (Initial Advisory)
CVE(s): CVE-2022-31676
Synopsis: VMware Tools update addresses a local privilege escalation vulnerability (CVE-2022-31676)

*1. Impacted Products*

- VMware Tools

*2. Introduction*

VMware Tools was impacted by a local privilege escalation vulnerability. Updates are available to remediate this vulnerability in affected VMware products.

*3. Local privilege escalation vulnerability (CVE-2022-31676)*

*Description*
VMware Tools contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.0.

*Known Attack Vectors*
A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

*Resolution*
To remediate CVE-2022-31676 apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.

*Workarounds*
None.

*Additional Documentation*
None.

*Notes*
VMware Tools 10.3.25 only applies to the older Linux releases.

*Acknowledgements*
None.

*Response Matrix*

Product       Version         Running On  CVE Identifier  CVSSv3  Severity   Fixed Version  Workarounds  Additional Documentation
VMware Tools  12.x.y, 11.x.y  Windows     CVE-2022-31676  7.0     important  12.1.0         None         None
VMware Tools  12.x.y, 11.x.y  Linux       CVE-2022-31676  7.0     important  12.1.0         None         None
VMware Tools  10.x.y          Linux       CVE-2022-31676  7.0     important  10.3.25        None         None

*4. References*

Fixed Version(s) and Release Notes:

VMware Tools 12.1.0
Downloads and Documentation:
https://customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS1210&productId=1259&rPId=92824
https://docs.vmware.com/en/VMware-Tools/12.1/rn/VMware-Tools-1210-Release-Notes.html

VMware Tools 10.3.25
https://customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS10325&productId=1072&rPId=92945
https://docs.vmware.com/en/VMware-Tools/10.3/rn/VMware-Tools-10325-Release-Notes.html

Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31676

FIRST CVSSv3 Calculator:
CVE-2022-31676: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

*5. Change Log*

*2022-08-23 VMSA-2022-0024*
Initial security advisory.

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc
Contact: +55 19 3521-2289 or INOC-DBA: 1251*830

From security at unicamp.br Wed Aug 24 10:33:46 2022
From: security at unicamp.br (CSIRT Unicamp)
Date: Wed, 24 Aug 2022 10:33:46 -0300
Subject: [SECURITY-L] [SECURITY] [DSA 5215-1] open-vm-tools security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-5215-1                security at debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 24, 2022                       https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : open-vm-tools
CVE ID         : CVE-2022-31676
Debian Bug     : 1018012

A vulnerability was discovered in open-vm-tools, an open source implementation of VMware Tools, allowing an unprivileged local guest user to escalate their privileges as root user in the virtual machine.

For the stable distribution (bullseye), this problem has been fixed in version 2:11.2.5-2+deb11u1.

We recommend that you upgrade your open-vm-tools packages.

For the detailed security status of open-vm-tools please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/open-vm-tools

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce at lists.debian.org
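
Added example, not part of either advisory: a triage helper that applies the VMSA-2022-0024 Response Matrix from the first message to a guest inventory and reports which guests still need the fixed VMware Tools release. The inventory layout, guest names, versions and build suffixes are constructed for illustration, and the version strings are assumed to start with X.Y.Z.

```python
import re

# Response matrix from VMSA-2022-0024 as quoted in the first message:
# (guest platform, installed major version) -> first fixed version.
FIXED = {
    ("windows", 12): (12, 1, 0), ("windows", 11): (12, 1, 0),
    ("linux", 12): (12, 1, 0), ("linux", 11): (12, 1, 0),
    ("linux", 10): (10, 3, 25),
}

def parse_version(text):
    """Take the leading X.Y.Z of a version string, ignoring any build suffix."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised VMware Tools version: {text!r}")
    return tuple(int(part) for part in m.groups())

def triage(platform, version_text):
    """Return (status, fixed_version) for one guest, per the matrix."""
    version = parse_version(version_text)
    fixed = FIXED.get((platform.strip().lower(), version[0]))
    if fixed is None:
        # Combination absent from the advisory's matrix: make no claim.
        return ("not-listed", None)
    status = "fixed" if version >= fixed else "affected"
    return (status, ".".join(str(n) for n in fixed))

def affected_guests(inventory):
    """Map each affected guest name to the version it must reach."""
    result = {}
    for name, platform, version_text in inventory:
        status, fixed = triage(platform, version_text)
        if status == "affected":
            result[name] = fixed
    return result

# Constructed sample inventory (hypothetical guests, versions and builds).
SAMPLE = [
    ("web01", "Linux", "11.3.5.31214 (build-18557794)"),
    ("db02", "Windows", "12.1.0"),
    ("legacy03", "Linux", "10.3.24"),
    ("legacy04", "Linux", "10.3.25"),
    ("win05", "Windows", "10.3.10"),
]

if __name__ == "__main__":
    for guest, target in sorted(affected_guests(SAMPLE).items()):
        print(f"{guest}: upgrade VMware Tools to {target}")
```

This comparison applies to VMware's own VMware Tools releases only. Distribution packages of open-vm-tools carry backported fixes (the DSA above lists 2:11.2.5-2+deb11u1 for bullseye), so check those against the distribution's fixed package version instead.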