2024-06-28 13:17:52 +00:00

118 lines
4.0 KiB
JSON

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20182299",
"Version": "oval:org.altlinux.errata:def:20182299",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2018-2299: package `open-vm-tools` update to version 10.3.0-alt1.S1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2018-2299",
"RefURL": "https://errata.altlinux.org/ALT-PU-2018-2299",
"Source": "ALTPU"
},
{
"RefID": "CVE-2018-6969",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-6969",
"Source": "CVE"
}
],
"Description": "This update upgrades open-vm-tools to version 10.3.0-alt1.S1. \nSecurity Fix(es):\n\n * CVE-2018-6969: VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing must be enabled.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2018-09-10"
},
"Updated": {
"Date": "2018-09-10"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2018-6969",
"CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-6969",
"Impact": "High",
"Public": "20180713"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20182299001",
"Comment": "open-vm-tools is earlier than 0:10.3.0-alt1.S1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182299002",
"Comment": "open-vm-tools-desktop is earlier than 0:10.3.0-alt1.S1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20182299003",
"Comment": "open-vm-tools-devel is earlier than 0:10.3.0-alt1.S1"
}
]
}
]
}
}
]
}