Advisories » MGASA-2025-0237

Updated open-vm-tools package fixes security vulnerability

Publication date: 11 Oct 2025
Modification date: 11 Oct 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-41244

Description

It was discovered that open-vm-tools contains a local privilege
escalation vulnerability. A malicious actor with non-administrative
privileges on a guest VM may exploit this vulnerability to escalate
privileges to root on the same VM (CVE-2025-41244).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34641
• https://www.openwall.com/lists/oss-security/2025/09/29/10
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-41244

SRPMS

9/core

• open-vm-tools-12.3.5-2.2.mga9