Embargo Info
==============================================================
The information contained in this email is under embargo until the scheduled public disclosure on June 13th, 2023. The disclosure will be published at https://www.vmware.com/security/advisories/VMSA-2023-0013 at this time.

Description
==============================================================
CVE-2023-20867: VMware Tools contains an Authentication Bypass vulnerability in the vgauth module. VMware has evaluated the severity of this issue to be in the Low severity range with a maximum CVSSv3.1 base score of 3.9 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N.

Known Attack Vectors
==============================================================
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the virtual machine.

Remediation
==============================================================
CVE-2023-20867.zip
PASSWORD: 6ljsyoo7l8qenbn4a03q

The following patches are provided for released versions of open-vm-tools:

For releases 12.2.0, 12.1.5, 12.1.0, 12.0.5, 12.0.0, 11.3.5, 11.3.0
    2023-20867-Remove-some-dead-code.patch

For releases 11.1.0, 11.1.5, 11.2.0, 11.2.5
    2023-20867-Remove-some-dead-code-1110-1125.patch

For releases 11.0.0, 11.0.5
    2023-20867-Remove-some-dead-code-1100-1105.patch

For releases 10.3.0, 10.3.5, 10.3.10
    2023-20867-Remove-some-dead-code-1030-10310.patch

The patches have been tested against the above open-vm-tools releases. Each applies cleanly with:
    git am       for a git repository.
    patch -p2    in the top directory of an open-vm-tools source tree.
==============================================================
*** Bug 2215140 has been marked as a duplicate of this bug. ***
Created open-vm-tools tracking bugs for this issue: Affects: fedora-all [bug 2215553]
Possible upstream commit for this issue: https://github.com/vmware/open-vm-tools/commit/c66f38194f91f8b733caa0beb6310871ac629690
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:3947 https://access.redhat.com/errata/RHSA-2023:3947
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:3945 https://access.redhat.com/errata/RHSA-2023:3945
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:3946 https://access.redhat.com/errata/RHSA-2023:3946
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:3948 https://access.redhat.com/errata/RHSA-2023:3948
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:3944 https://access.redhat.com/errata/RHSA-2023:3944
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:3949 https://access.redhat.com/errata/RHSA-2023:3949
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:3950 https://access.redhat.com/errata/RHSA-2023:3950