|
|
Subscribe / Log in / New account

Mageia alert MGASA-2025-0237 (open-vm-tools)



From:
              Mageia Updates <updates-announce@ml.mageia.org>


To:
              updates-announce@ml.mageia.org


Subject:
              [updates-announce] MGASA-2025-0237: Updated open-vm-tools package fixes security vulnerability


Date:
              Sat, 11 Oct 2025 08:19:05 +0200


Message-ID:
              <20251011061905.6AF889F9A9@duvel.mageia.org>


Archive-link:
              Article


MGASA-2025-0237 - Updated open-vm-tools package fixes security vulnerability

Publication date: 11 Oct 2025
URL: https://advisories.mageia.org/MGASA-2025-0237.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-41244

Description:
It was discovered that open-vm-tools contains a local privilege
escalation vulnerability. A malicious actor with non-administrative
privileges on a guest VM may exploit this vulnerability to escalate
privileges to root on the same VM (CVE-2025-41244).

References:
- https://bugs.mageia.org/show_bug.cgi?id=34641
- https://www.openwall.com/lists/oss-security/2025/09/29/10
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4...

SRPMS:
- 9/core/open-vm-tools-12.3.5-2.2.mga9
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds