Ubuntu 23.04 USN-6365-1 Critical Open VM Tools Network Access Issue
ubuntu
September 13, 2023
Open VM Tools could allow unintended access to network services.
Summary
Open VM Tools could allow unintended access to network services.
Software Description:
- open-vm-tools: Open VMware Tools for virtual machines hosted on VMware
Details:
It was discovered that Open VM Tools incorrectly handled SAML tokens. A
remote attacker could possibly use this issue to bypass SAML token
signature verification and perform VMware Tools Guest Operations.
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 23.04: open-vm-tools 2:12.1.5-3ubuntu0.23.04.2 Ubuntu 22.04 LTS: open-vm-tools 2:12.1.5-3~ubuntu0.22.04.3 Ubuntu 20.04 LTS: open-vm-tools 2:11.3.0-2ubuntu0~ubuntu20.04.6 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-6365-1
CVE-2023-20900
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-6365-1
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!