Advisories » MGASA-2022-0342

Updated open-vm-tools packages fix security vulnerability

Publication date: 21 Sep 2022
Modification date: 21 Sep 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-31676

Description

A malicious actor with local non-administrative access to the Guest OS can
escalate privileges as a root user in the virtual machine (CVE-2022-31676).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=30770
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/O4TZF6QRJIDECGMEGBPXJCHZ6YC3VZ6Z/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31676

SRPMS

8/core

• open-vm-tools-11.2.5-1.1.mga8