Bug 32454 - open-vm-tools new security issues CVE-2023-3405[89]
Summary: open-vm-tools new security issues CVE-2023-3405[89]
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal
Severity: major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Duplicates: 32458
Depends on:
Blocks: 32061
Reported: 2023-10-27 12:47 CEST by Nicolas Salguero
Modified: 2024-03-14 18:27 CET
CC List: 6 users

See Also:
Source RPM: open-vm-tools-12.1.5-2.mga9.src.rpm
CVE: CVE-2023-34058, CVE-2023-34059
Status comment:


Attachments

Description Nicolas Salguero 2023-10-27 12:47:12 CEST
Those CVEs were announced here:
https://www.openwall.com/lists/oss-security/2023/10/27/1
https://www.openwall.com/lists/oss-security/2023/10/27/2

Mageia 9 and 8 are also affected.
Comment 1 Nicolas Salguero 2023-10-27 12:48:38 CEST
The fixes are given in the links above.

Whiteboard: (none) => MGA9TOO, MGA8TOO
Status comment: (none) => Patches available from upstream
Source RPM: (none) => open-vm-tools-12.1.5-2.mga9.src.rpm
CC: (none) => nicolas.salguero

Comment 2 David Walser 2023-10-27 19:46:30 CEST
*** Bug 32458 has been marked as a duplicate of this bug. ***

CC: (none) => smelror

Comment 3 David Walser 2023-10-27 19:47:14 CEST
https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.5

Status comment: Patches available from upstream => Fixed upstream in 12.3.5

Comment 4 Marja Van Waes 2023-10-29 13:56:11 CET
Assigning to the registered open-vm-tools maintainer

CC: (none) => marja11
Assignee: bugsquad => luigiwalser

Comment 5 Nicolas Salguero 2024-03-12 10:52:05 CET
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Authentication bypass vulnerability in the vgauth module. (CVE-2023-20867)

SAML token signature bypass. (CVE-2023-34058)

File descriptor hijack vulnerability in the vmware-user-suid-wrapper. (CVE-2023-34059)

References:
https://access.redhat.com/errata/RHSA-2023:3948
https://www.openwall.com/lists/oss-security/2023/10/27/1
https://www.openwall.com/lists/oss-security/2023/10/27/2
https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.5
https://www.vmware.com/security/advisories/VMSA-2023-0024.html
========================

Updated packages in core/updates_testing:
========================
open-vm-tools-12.3.5-2.mga9
open-vm-tools-desktop-12.3.5-2.mga9
open-vm-tools-devel-12.3.5-2.mga9
open-vm-tools-salt-minion-12.3.5-2.mga9
open-vm-tools-sdmp-12.3.5-2.mga9
open-vm-tools-test-12.3.5-2.mga9

from SRPM:
open-vm-tools-12.3.5-2.mga9.src.rpm

Status: NEW => ASSIGNED
CVE: (none) => CVE-2023-34058, CVE-2023-34059
Whiteboard: MGA9TOO, MGA8TOO => (none)
Assignee: luigiwalser => qa-bugs
Blocks: (none) => 32061
Version: Cauldron => 9
Status comment: Fixed upstream in 12.3.5 => (none)

katnatek 2024-03-12 21:43:49 CET

Keywords: (none) => advisory

Comment 6 Herman Viaene 2024-03-14 10:17:31 CET
MGA9-64 Plasma Wayland on HP-Pavillion
No installation issues.
This laptop is not powerful enough to run VMware, so ref bug 30770, OK on clean install.

Whiteboard: (none) => MGA9-64-OK
CC: (none) => herman.viaene

Comment 7 Thomas Andrews 2024-03-14 13:55:22 CET
Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 8 Mageia Robot 2024-03-14 18:27:05 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0058.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED
