Your message dated Tue, 07 Nov 2023 21:17:46 +0000
with message-id <e1r0tse-000dfq...@fasolo.debian.org>
and subject line Bug#1054666: fixed in open-vm-tools 2:11.2.5-2+deb11u3
has caused the Debian Bug report #1054666,
regarding open-vm-tools: CVE-2023-34059 CVE-2023-34058
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1054666: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054666
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: open-vm-tools
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for open-vm-tools.
CVE-2023-34059[0]:
| open-vm-tools contains a file descriptor hijack vulnerability in the
| vmware-user-suid-wrapper. A malicious actor with non-root privileges
| may be able to hijack the /dev/uinput file descriptor allowing them
| to simulate user inputs.
https://www.openwall.com/lists/oss-security/2023/10/27/3
CVE-2023-34058[1]:
| VMware Tools contains a SAML token signature bypass vulnerability. A
| malicious actor that has been granted Guest Operation Privileges
| https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html
| in a target virtual machine may be able to elevate their privileges if that
| target virtual machine has been assigned a more privileged Guest Alias
| https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
https://www.openwall.com/lists/oss-security/2023/10/27/1
https://github.com/vmware/open-vm-tools/blob/CVE-2023-34058.patch/CVE-2023-34058.patch
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-34059
https://www.cve.org/CVERecord?id=CVE-2023-34059
[1] https://security-tracker.debian.org/tracker/CVE-2023-34058
https://www.cve.org/CVERecord?id=CVE-2023-34058
Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: open-vm-tools
Source-Version: 2:11.2.5-2+deb11u3
Done: Bernd Zeimetz <b...@debian.org>
We believe that the bug you reported is fixed in the latest version of
open-vm-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1054...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bernd Zeimetz <b...@debian.org> (supplier of updated open-vm-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 30 Oct 2023 18:02:12 +0100
Source: open-vm-tools
Architecture: source
Version: 2:11.2.5-2+deb11u3
Distribution: bullseye-security
Urgency: medium
Maintainer: Bernd Zeimetz <b...@debian.org>
Changed-By: Bernd Zeimetz <b...@debian.org>
Closes: 1054666
Changes:
open-vm-tools (2:11.2.5-2+deb11u3) bullseye-security; urgency=medium
.
* Closes: #1054666
* [5f241c9] Fixing CVE-2023-34059.
This fixes a file descriptor hijack vulnerability in the vmware-user-suid-wrapper
command. A malicious actor with non-root privileges might have been able
to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
* [0c3fe2a] Fixing CVE-2023-34058.
This fixes a SAML Token Signature Bypass vulnerability. A malicious actor
that has been granted Guest Operation Privileges in a target virtual
machine might have been able to elevate their privileges if that target
virtual machine has been assigned a more privileged Guest Alias.
--- End Message ---