https://www.openwall.com/lists/oss-security/2025/09/29/10
CVE: (none) => CVE-2025-41244Whiteboard: (none) => MGA9TOOSource RPM: (none) => open-vm-tools-12.5.2-2.mga10.src.rpm, open-vm-tools-12.3.5-2.1.mga9.src.rpmStatus comment: (none) => Patch available from upstream
Assigning to the registered maintainer, but CC'ing all, because the registered maintainer seems unavailable
CC: (none) => marja11, pkg-bugsAssignee: bugsquad => luigiwalser
Cauldron fixed in open-vm-tools-12.5.2-3.mga10 Package patched for Mageia 9 Advisory: ======================== Patched open-vm-tools package fixes security vulnerability: It was discovered that open-vm-tools contains a local privilege escalation vulnerability. A malicious actor with non-administrative privileges on a guest VM may exploit this vulnerability to escalate privileges to root on the same VM (CVE-2025-41244). References: https://www.openwall.com/lists/oss-security/2025/09/29/10 https://www.cve.org/CVERecord?id=CVE-2025-41244 ======================== Updated packages in core/updates_testing: ======================== open-vm-tools-12.3.5-2.2.mga9.x86_64.rpm open-vm-tools-desktop-12.3.5-2.2.mga9.x86_64.rpm open-vm-tools-devel-12.3.5-2.2.mga9.x86_64.rpm open-vm-tools-salt-minion-12.3.5-2.2.mga9.x86_64.rpm open-vm-tools-sdmp-12.3.5-2.2.mga9.x86_64.rpm open-vm-tools-test-12.3.5-2.2.mga9.x86_64.rpm from open-vm-tools-12.3.5-2.2.mga9.src.rpm
Assignee: luigiwalser => qa-bugsVersion: Cauldron => 9CC: (none) => mhrambo3501Whiteboard: MGA9TOO => (none)
MGA9-64 Plasma Wayland on Compaq H000SB No installation issues. Ref bug 32454, OK on clean install.
Whiteboard: (none) => MGA9-64-OKCC: (none) => herman.viaene
Keywords: (none) => advisory
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2025-0237.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED