Source: open-vm-tools
Version: 2:9.4.6-1770165-1
Severity: critical
Tags: security upstream

Upstream released 10.3.10, which contains a fix for a long standing
security issue:


commit e88f91b00a715b79255de6576506d80ecfdb064c
Author: Oliver Kurth <oku...@vmware.com>
Date:   Tue Jan 29 14:03:19 2019 -0800

    Fix possible security issue with the permissions of the intermediate
    staging directory and path

    /tmp/VMwareDnD is a staging directory used for DnD and CnP.  It should be
    a regular directory, but malicious code or user may create the /tmp/VMwareDnD
    as a symbolic link which points elsewhere on the system.  This may provide
    user access to user B's files.

    Do not set the permission of the root directory if the root directory
    already exists and has the wrong permission.  The permission of the directory
    must be 1777 if it is created by the VMTools.  If not, then the directory
    has been created or modified by malicious code or user, so just cancel the
    host to guest DnD or CnP operation.


This has probably been broken forever. Patching this in all (LTS)
supported releases should be easy.



-- 
 Bernd Zeimetz                            Debian GNU/Linux Developer
 http://bzed.de                                http://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F
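
The check the quoted commit message describes, written as an added C example (not code from open-vm-tools or from this report). The helper name `staging_root_ok` is hypothetical; the mode 1777 and the refuse-rather-than-repair behaviour are taken from the commit message.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define STAGING_MODE 01777   /* mode the commit message requires */

/*
 * Hypothetical helper: returns 0 if `root` may be used as the staging
 * root, -1 if the host-to-guest DnD/CnP operation should be cancelled.
 */
int staging_root_ok(const char *root)
{
    struct stat st;

    if (mkdir(root, STAGING_MODE) == 0) {
        /* We created it ourselves, so setting the mode is safe here
         * (the mode passed to mkdir() is reduced by the umask). */
        return chmod(root, STAGING_MODE) == 0 ? 0 : -1;
    }
    if (errno != EEXIST)
        return -1;

    /* The path already existed. lstat() does not follow a symlink,
     * so a link planted at `root` is reported as a link. */
    if (lstat(root, &st) != 0)
        return -1;
    if (!S_ISDIR(st.st_mode))
        return -1;               /* symlink, regular file, ... */
    if ((st.st_mode & 07777) != STAGING_MODE)
        return -1;               /* wrong mode: refuse, never chmod */
    return 0;
}

int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s <staging-root>\n", argv[0]);
        return 2;
    }
    int ok = staging_root_ok(argv[1]) == 0;
    printf("%s: %s\n", argv[1], ok ? "usable" : "cancel transfer");
    return ok ? 0 : 1;
}
```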
