| Package | open-vm-tools |
|---|---|
| Version | 2:9.4.6-1770165-8+deb8u1 (jessie), 2:10.1.5-5055683-4+deb9u4 (stretch) |
| Related CVEs | CVE-2023-20867 |
open-vm-tools is a package that provides Open VMware Tools for virtual machines hosted on VMware.
It was discovered that Open VM Tools incorrectly handled certain authentication requests. A fully compromised ESXi host can force Open VM Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
For Debian 8 jessie, these problems have been fixed in version 2:9.4.6-1770165-8+deb8u1.
For Debian 9 stretch, these problems have been fixed in version 2:10.1.5-5055683-4+deb9u4.
We recommend that you upgrade your open-vm-tools packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.