UbuntuUpdates.org

Package "open-vm-tools"




Name: open-vm-tools

Description:

Open VMware Tools for virtual machines hosted on VMware (CLI)
Latest version: *DELETED*
Release: noble (24.04)
Level: security
Repository: main
Homepage: https://github.com/vmware/open-vm-tools

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "open-vm-tools"

APT INSTALL

Other versions of "open-vm-tools" in Noble

Repository Area Version
base universe 2:12.3.5-5build3
base main 2:12.3.5-5build3
security universe 2:12.4.5-1~ubuntu0.24.04.2
updates main 2:12.4.5-1~ubuntu0.24.04.2
updates universe 2:12.4.5-1~ubuntu0.24.04.1
PPA: Mint Upstream 2:11.3.5-1ubuntu5mint1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: *DELETED* 2025-05-13 16:08:12 UTC
No changelog for deleted or moved packages.

Version: 2:12.4.5-1~ubuntu0.24.04.2 2025-05-13 14:08:19 UTC

  open-vm-tools (2:12.4.5-1~ubuntu0.24.04.2) noble-security; urgency=medium

  * SECURITY UPDATE: insecure file handling vulnerability
    - debian/patches/CVE-2025-22247.patch: properly check symlinks and path
      traversal chars in open-vm-tools/vgauth/common/VGAuthUtil.c,
      open-vm-tools/vgauth/common/VGAuthUtil.h,
      open-vm-tools/vgauth/common/prefs.h,
      open-vm-tools/vgauth/common/usercheck.c,
      open-vm-tools/vgauth/serviceImpl/alias.c,
      open-vm-tools/vgauth/serviceImpl/service.c,
      open-vm-tools/vgauth/serviceImpl/serviceInt.h.
    - CVE-2025-22247

 -- Marc Deslauriers <email address hidden> Tue, 06 May 2025 08:22:56 -0400
CVE-2025-22247 VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the loca


About   -   Send Feedback to @ubuntu_updates