Your submission was sent successfully! Close

CVE-2022-31676

Published: 23 August 2022

VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

Notes

AuthorNote
alexmurray
Patch in email with Message-ID <BYAPR05MB634348FE28845A7AF442BE28B9649@BYAPR05MB6343.namprd05.prod.outlook.com>
Priority

Medium

CVSS 3 base score: 7.0

Status

Package Release Status
open-vm-tools
Launchpad, Ubuntu, Debian
bionic
Released (2:11.0.5-4ubuntu0.18.04.2)
focal
Released (2:11.3.0-2ubuntu0~ubuntu20.04.3)
jammy
Released (2:11.3.5-1ubuntu4.1)
trusty Not vulnerable

upstream
Released (12.1.0,10.3.25)
xenial
Released (2:10.2.0-3~ubuntu0.16.04.1+esm1)