Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 27 Nov 2023 10:01:16 +0100
From: Matthias Gerstner <>
Subject: Re: CVE-2023-34059 - File Descriptor Hijack
 vulnerability in open-vm-tools


On Sun, Nov 26, 2023 at 11:38:50AM -0800, John Helmert III wrote:
> On Fri, Oct 27, 2023 at 11:57:46AM +0200, Matthias Gerstner wrote:
> > Hello list,
> > 
> > I want to share my full report for this finding, please find it below.
> > 
> > Introduction
> > ============
> > 
> > During a routine review of the setuid-root binary
> > "vmware-user-suid-wrapper" from the open-vm-tools [1] repository I
> > discovered the vulnerability described in this report. The version under
> > review was open-vm-tools version 12.2.0. The setuid-root binary's source
> > code in the open-vm-tools repository did not change since version 10.3.0
> > (released in 2018), however, so likely most current installations of
> > open-vm-tools are affected by this finding.
> Hm, it looks like there *was* a commit to vmware-user-suid-wrapper
> that looks very similar to the patch that was linked in the original
> advisory mail:
> Was that fix insufficient, or maybe wasn't there when your mail was sent?

There seems to be a misunderstanding here. It seems I phrased that not
properly. I did not mean to say that the issue is unfixed. As the
initial email from VMware states there is a patch and bugfix release

What I wanted to express is that all versions of open-vm-tools ranging
from 10.3.0 up until before the bugfix release are likely affected by
the issue.



Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.