Debian 10034 Published by

An open-vm-tools security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address an issue that impact the confidentiality and integrity of the guest virtual machine.



ELA-924-1 open-vm-tools security update

Package : open-vm-tools
Version : 2:9.4.6-1770165-8+deb8u1 (jessie), 2:10.1.5-5055683-4+deb9u4 (stretch)

Related CVEs :
CVE-2023-20867

open-vm-tools is a package that provides Open VMware Tools for virtual
machines hosted on VMware.
It was discovered that Open VM Tools incorrectly handled certain
authentication requests. A fully compromised ESXi host can force Open
VM Tools to fail to authenticate host-to-guest operations, impacting
the confidentiality and integrity of the guest virtual machine.

ELA-924-1 open-vm-tools security update