Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 24 Jul 2017 20:20:40 +0000
From: VMware Security Response Center <>
To: "" <>
Subject: [CVE-2015-5191] local privilege escalation in Open VMware Tools

Open VMware Tools (CVE-2015-5191) contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp.
Successful exploitation may result in a local privilege escalation. The impact of this vulnerability is low for distributions which have enabled PrivateTmp for the affected service.
9.10.x –
10.0.x -
10.1.x -
We would like to thank Florian Weimer and Kurt Seifried of Red Hat Product Security for reporting this issue to us.

Edward Hawkins
Senior Program Manager, Security Response

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ