Bug 2118714 (CVE-2022-31676)

Summary: CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine
Product: [Other] Security Response
Reporter: Marian Rehak <mrehak>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
QA Contact:
Severity: high
Docs Contact:
Priority: high
Version: unspecified
CC: amielnic, angelo.alvarez, boyang, cavery, cfeng, dbodnarc, ddepaula, eterrell, gveitmic, jburrell, jen, jentrena, jferlan, jsavanyo, jwolfe, kyoshida, ldu, leiwang, mrezanin, negativo17, pdwyer, ravindrakumar, rjones, sameer_ghogre, sbalasub, security-response-team, timo.alatalo, villapla, virt-maint, vkumar, yacao
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version: open-vm-tools 12.1.0
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in open-vm-tools. A malicious actor with local non-administrative access to the guest operating system can escalate privileges as a root user in the virtual machine.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2022-09-29 10:29:16 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On: 2119281, 2119282, 2119283, 2119284, 2119285, 2119286, 2119310, 2119311, 2120976
Bug Blocks: 2118716

Description Marian Rehak 2022-08-16 14:05:08 UTC
A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

Comment 1 juneau 2022-08-16 17:06:47 UTC
Marking OSD affected/fix for _presence_ of code, although these services do not _use_ said code.

Comment 10 Marian Rehak 2022-08-24 08:31:56 UTC
Created open-vm-tools tracking bugs for this issue:

Affects: fedora-all [bug 2120976]

Comment 22 errata-xmlrpc 2022-09-06 14:36:00 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:6354 https://access.redhat.com/errata/RHSA-2022:6354

Comment 23 errata-xmlrpc 2022-09-06 14:38:30 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:6355 https://access.redhat.com/errata/RHSA-2022:6355

Comment 24 errata-xmlrpc 2022-09-06 14:38:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:6358 https://access.redhat.com/errata/RHSA-2022:6358

Comment 25 errata-xmlrpc 2022-09-06 14:46:19 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:6357 https://access.redhat.com/errata/RHSA-2022:6357

Comment 26 errata-xmlrpc 2022-09-06 15:18:24 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:6356 https://access.redhat.com/errata/RHSA-2022:6356

Comment 27 Angelo Alvarez 2022-09-07 03:56:34 UTC
Is there an ETA for the updated open-vm-tools RPM for RHEL 7?

Comment 29 Yaju Cao 2022-09-07 13:03:05 UTC
Hi, RHEL 7.9's engineering work for the fix is ready; the production team is delivering the fix. I think it will be published soon. Thanks for your patience!

Comment 31 errata-xmlrpc 2022-09-07 13:32:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:6381 https://access.redhat.com/errata/RHSA-2022:6381

Comment 32 Eduardo Otubo 2022-09-29 10:29:16 UTC
All the BZs related to this bug are already closed with their errata (2119281 2119282 2119283 2119284 2119285 2119286 2119310 2119311 2120976).

Nothing else to do on this BZ.
If this is not correct, please reopen it.