It was discovered that open-vm-tools has multiple /tmp race conditions in the libDeployPkg component, allowing an unprivileged local user in a guest to cause a denial of service through file system manipulation, or, possibly, increase privileges.
Acknowledgements:
This issue was discovered by Florian Weimer of Red Hat Product Security.