What open-vm-tools package version mitigate vulnerability CVE-2022-31676 and/or VMSA-2022-0024?

Solution In Progress - Updated -

Issue

  • How to mitigate vulnerability CVE-2022-31676 and/or VMSA-2022-0024 in a Red Hat Enterprise Linux (RHEL) 7.x Virtual Machine (VM) running on VMWare?
  • The link VMSA-2022-0024 indicates upgrading the open-vm-tools from 12.x.y, 11.x.y and 10.x.y to 12.1.0. Is that correct?
  • Will upgrading the open-vm-tools to open-vm-tools-11.0.5-3.el7_9.4.src.rpm mitigate the vulnerability CVE-2022-31676?

Environment

  • Red Hat Enterprise Linux 7.x running on top of VMWare virtualization infrastructure.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content