2246096 – (CVE-2023-34059) CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

Bug 2246096 (CVE-2023-34059) - CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

Summary: CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmw...

Keywords:
Status:	NEW
Alias:	CVE-2023-34059
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2246962
Blocks:	2245691
TreeView+	depends on / blocked

Reported:	2023-10-25 12:11 UTC by Marian Rehak
Modified:	2024-05-10 11:14 UTC (History)
CC List:	4 users (show)
Fixed In Version:	open-vm-tools 11.0.0
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:7260	None	None	None	2023-11-15 18:20:05 UTC
Red Hat Product Errata	RHSA-2023:7261	None	None	None	2023-11-15 18:20:28 UTC
Red Hat Product Errata	RHSA-2023:7262	None	None	None	2023-11-15 18:22:45 UTC
Red Hat Product Errata	RHSA-2023:7263	None	None	None	2023-11-15 18:25:56 UTC
Red Hat Product Errata	RHSA-2023:7264	None	None	None	2023-11-15 18:22:40 UTC
Red Hat Product Errata	RHSA-2023:7265	None	None	None	2023-11-15 18:59:09 UTC
Red Hat Product Errata	RHSA-2023:7267	None	None	None	2023-11-15 18:25:30 UTC
Red Hat Product Errata	RHSA-2023:7276	None	None	None	2023-11-15 18:55:27 UTC
Red Hat Product Errata	RHSA-2023:7277	None	None	None	2023-11-15 19:05:06 UTC
Red Hat Product Errata	RHSA-2023:7279	None	None	None	2023-11-15 19:13:55 UTC

Description Marian Rehak 2023-10-25 12:11:27 UTC

VMware Tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

Comment 4 Marian Rehak 2023-10-30 09:33:07 UTC

Created open-vm-tools tracking bugs for this issue:

Affects: fedora-all [bug 2246962]

Comment 7 errata-xmlrpc 2023-11-15 18:20:04 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:7260 https://access.redhat.com/errata/RHSA-2023:7260

Comment 8 errata-xmlrpc 2023-11-15 18:20:27 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:7261 https://access.redhat.com/errata/RHSA-2023:7261

Comment 9 errata-xmlrpc 2023-11-15 18:22:39 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2023:7264 https://access.redhat.com/errata/RHSA-2023:7264

Comment 10 errata-xmlrpc 2023-11-15 18:22:44 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:7262 https://access.redhat.com/errata/RHSA-2023:7262

Comment 11 errata-xmlrpc 2023-11-15 18:25:29 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:7267 https://access.redhat.com/errata/RHSA-2023:7267

Comment 12 errata-xmlrpc 2023-11-15 18:25:55 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:7263 https://access.redhat.com/errata/RHSA-2023:7263

Comment 13 errata-xmlrpc 2023-11-15 18:55:26 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2023:7276 https://access.redhat.com/errata/RHSA-2023:7276

Comment 14 errata-xmlrpc 2023-11-15 18:59:08 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:7265 https://access.redhat.com/errata/RHSA-2023:7265

Comment 15 errata-xmlrpc 2023-11-15 19:05:05 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:7277 https://access.redhat.com/errata/RHSA-2023:7277

Comment 16 errata-xmlrpc 2023-11-15 19:13:54 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:7279 https://access.redhat.com/errata/RHSA-2023:7279

Note You need to log in before you can comment on or make changes to this bug.