Red Hat Product Errata RHSA-2023:7263 - Security Advisory
Issued:
2023-11-15
Updated:
2023-11-15

RHSA-2023:7263 - Security Advisory

Synopsis

Important: open-vm-tools security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Security Fix(es):

  • open-vm-tools: SAML token signature bypass (CVE-2023-34058)
  • open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper (CVE-2023-34059)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2246080 - CVE-2023-34058 open-vm-tools: SAML token signature bypass
  • BZ - 2246096 - CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
open-vm-tools-11.3.5-1.el8_6.5.src.rpm SHA-256: 557c0d7260633ee916e05cbe45adc3444b6ce023ddb4cfd919d86f2c9a633ed4
x86_64
open-vm-tools-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 944fec1dc537a91b930d3d0cd987f66f677bfd64dc45aff0236cb72fc8f20697
open-vm-tools-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 60ec67441bfc0e429e84d2489584fa8dca2d38637c3eb2b3ead326989aa43d88
open-vm-tools-debugsource-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 168892ca29f6a749b13c6395a66a7b35174ac3cd653bc5021f47cf1900ad067a
open-vm-tools-desktop-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: e9129445f2537f538ecfac70f27428d4bd558e9b256602ec096f9de43da31cb3
open-vm-tools-desktop-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 546363496a2cc1ef2d304146fabfdeabd5ebbabf9e930b1e316d18789799505c
open-vm-tools-sdmp-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 8838de67ca21a036dd66211d080182de9f593e4af2e87cc4da79398720154c51
open-vm-tools-sdmp-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 3b7d57b479e236f2cbfe3bb660bdf89aa238bd8857e2e04c602a2b7c06a70179
open-vm-tools-test-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: a2c87dd047d3b2bd879191b58c8d4aa35fb93f361888e138cdb8cfda2c914a36

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
open-vm-tools-11.3.5-1.el8_6.5.src.rpm SHA-256: 557c0d7260633ee916e05cbe45adc3444b6ce023ddb4cfd919d86f2c9a633ed4
x86_64
open-vm-tools-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 944fec1dc537a91b930d3d0cd987f66f677bfd64dc45aff0236cb72fc8f20697
open-vm-tools-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 60ec67441bfc0e429e84d2489584fa8dca2d38637c3eb2b3ead326989aa43d88
open-vm-tools-debugsource-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 168892ca29f6a749b13c6395a66a7b35174ac3cd653bc5021f47cf1900ad067a
open-vm-tools-desktop-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: e9129445f2537f538ecfac70f27428d4bd558e9b256602ec096f9de43da31cb3
open-vm-tools-desktop-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 546363496a2cc1ef2d304146fabfdeabd5ebbabf9e930b1e316d18789799505c
open-vm-tools-sdmp-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 8838de67ca21a036dd66211d080182de9f593e4af2e87cc4da79398720154c51
open-vm-tools-sdmp-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 3b7d57b479e236f2cbfe3bb660bdf89aa238bd8857e2e04c602a2b7c06a70179
open-vm-tools-test-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: a2c87dd047d3b2bd879191b58c8d4aa35fb93f361888e138cdb8cfda2c914a36

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
open-vm-tools-11.3.5-1.el8_6.5.src.rpm SHA-256: 557c0d7260633ee916e05cbe45adc3444b6ce023ddb4cfd919d86f2c9a633ed4
x86_64
open-vm-tools-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 944fec1dc537a91b930d3d0cd987f66f677bfd64dc45aff0236cb72fc8f20697
open-vm-tools-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 60ec67441bfc0e429e84d2489584fa8dca2d38637c3eb2b3ead326989aa43d88
open-vm-tools-debugsource-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 168892ca29f6a749b13c6395a66a7b35174ac3cd653bc5021f47cf1900ad067a
open-vm-tools-desktop-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: e9129445f2537f538ecfac70f27428d4bd558e9b256602ec096f9de43da31cb3
open-vm-tools-desktop-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 546363496a2cc1ef2d304146fabfdeabd5ebbabf9e930b1e316d18789799505c
open-vm-tools-sdmp-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 8838de67ca21a036dd66211d080182de9f593e4af2e87cc4da79398720154c51
open-vm-tools-sdmp-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 3b7d57b479e236f2cbfe3bb660bdf89aa238bd8857e2e04c602a2b7c06a70179
open-vm-tools-test-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: a2c87dd047d3b2bd879191b58c8d4aa35fb93f361888e138cdb8cfda2c914a36

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
open-vm-tools-11.3.5-1.el8_6.5.src.rpm SHA-256: 557c0d7260633ee916e05cbe45adc3444b6ce023ddb4cfd919d86f2c9a633ed4
x86_64
open-vm-tools-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 944fec1dc537a91b930d3d0cd987f66f677bfd64dc45aff0236cb72fc8f20697
open-vm-tools-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 60ec67441bfc0e429e84d2489584fa8dca2d38637c3eb2b3ead326989aa43d88
open-vm-tools-debugsource-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 168892ca29f6a749b13c6395a66a7b35174ac3cd653bc5021f47cf1900ad067a
open-vm-tools-desktop-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: e9129445f2537f538ecfac70f27428d4bd558e9b256602ec096f9de43da31cb3
open-vm-tools-desktop-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 546363496a2cc1ef2d304146fabfdeabd5ebbabf9e930b1e316d18789799505c
open-vm-tools-sdmp-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 8838de67ca21a036dd66211d080182de9f593e4af2e87cc4da79398720154c51
open-vm-tools-sdmp-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 3b7d57b479e236f2cbfe3bb660bdf89aa238bd8857e2e04c602a2b7c06a70179
open-vm-tools-test-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: a2c87dd047d3b2bd879191b58c8d4aa35fb93f361888e138cdb8cfda2c914a36

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
open-vm-tools-11.3.5-1.el8_6.5.src.rpm SHA-256: 557c0d7260633ee916e05cbe45adc3444b6ce023ddb4cfd919d86f2c9a633ed4
x86_64
open-vm-tools-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 944fec1dc537a91b930d3d0cd987f66f677bfd64dc45aff0236cb72fc8f20697
open-vm-tools-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 60ec67441bfc0e429e84d2489584fa8dca2d38637c3eb2b3ead326989aa43d88
open-vm-tools-debugsource-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 168892ca29f6a749b13c6395a66a7b35174ac3cd653bc5021f47cf1900ad067a
open-vm-tools-desktop-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: e9129445f2537f538ecfac70f27428d4bd558e9b256602ec096f9de43da31cb3
open-vm-tools-desktop-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 546363496a2cc1ef2d304146fabfdeabd5ebbabf9e930b1e316d18789799505c
open-vm-tools-sdmp-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 8838de67ca21a036dd66211d080182de9f593e4af2e87cc4da79398720154c51
open-vm-tools-sdmp-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: 3b7d57b479e236f2cbfe3bb660bdf89aa238bd8857e2e04c602a2b7c06a70179
open-vm-tools-test-debuginfo-11.3.5-1.el8_6.5.x86_64.rpm SHA-256: a2c87dd047d3b2bd879191b58c8d4aa35fb93f361888e138cdb8cfda2c914a36

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.