Issued:: 2022-09-06
Updated:: 2022-09-06

RHSA-2022:6354 - Security Advisory

Overview
Updated Packages

Synopsis

Important: open-vm-tools security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.

Security Fix(es):

open-vm-tools: local root privilege escalation in the virtual machine (CVE-2022-31676)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

BZ - 2118714 - CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine

CVEs

CVE-2022-31676

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM
open-vm-tools-10.3.10-3.el8_1.3.src.rpm	SHA-256: c9d873cf5b7e9128a6fa5bfe6e4aaf154532217b203e67a2316d0b985392a260
x86_64
open-vm-tools-10.3.10-3.el8_1.3.x86_64.rpm	SHA-256: a4533d037db99eeb2cb05ec53532503d0fb73778f63754dd60c1d694da042a0b
open-vm-tools-debuginfo-10.3.10-3.el8_1.3.x86_64.rpm	SHA-256: 457635f14a74f591ad5fd6887c3bd838be59789856cddfd63aa95d428b5b03b3
open-vm-tools-debugsource-10.3.10-3.el8_1.3.x86_64.rpm	SHA-256: 290c962a8a35eccec2c336d03bd8c5e3fddff300d5247b7dc69644674a9bb7f7
open-vm-tools-desktop-10.3.10-3.el8_1.3.x86_64.rpm	SHA-256: 15163460a7d3293fc049e0b1d8cc99a7d940b66037c7d091eabce7f2be5f37f9
open-vm-tools-desktop-debuginfo-10.3.10-3.el8_1.3.x86_64.rpm	SHA-256: 16d0a73a804fdd92a7206687fd1135bb6006167e833420f60fe7fb2b1dd93b66
open-vm-tools-test-debuginfo-10.3.10-3.el8_1.3.x86_64.rpm	SHA-256: ac7bb159686e157be5130334abad3dd64952c20288ba2ca008afca4fa99068f5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation