What is the vulnerability ID of USN-6257-1?

The vulnerability ID of USN-6257-1 is CVE-2023-20867.

How can I fix the Open VM Tools vulnerability in Ubuntu 23.04?

To fix the Open VM Tools vulnerability in Ubuntu 23.04, update the package to version 2:12.1.5-3ubuntu0.23.04.1.

How can I fix the Open VM Tools vulnerability in Ubuntu 22.04?

To fix the Open VM Tools vulnerability in Ubuntu 22.04, update the package to version 2:12.1.5-3~ubuntu0.22.04.2.

How can I fix the Open VM Tools vulnerability in Ubuntu 20.04?

To fix the Open VM Tools vulnerability in Ubuntu 20.04, update the package to version 2:11.3.0-2ubuntu0~ubuntu20.04.5.

How can I fix the Open VM Tools vulnerability in Ubuntu 18.04?

To fix the Open VM Tools vulnerability in Ubuntu 18.04, update the package to version 2:11.0.5-4ubuntu0.18.04.3+esm1.

How can I fix the Open VM Tools vulnerability in Ubuntu 16.04?

To fix the Open VM Tools vulnerability in Ubuntu 16.04, update the package to version 2:10.2.0-3~ubuntu0.16.04.1+esm2.

Vulnerability/
USN-6257-1

27/7/2023

USN-6257-1: Open VM Tools vulnerability

Q: What is the impact of CVE-2023-20867?

CVE-2023-20867 can allow a fully compromised ESXi host to force Open VM Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

First published: Thu Jul 27 2023(Updated: )

It was discovered that Open VM Tools incorrectly handled certain authentication requests. A fully compromised ESXi host can force Open VM Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. (CVE-2023-20867)

Affected Software	Affected Version	How to fix
All of
ubuntu/open-vm-tools	<2:12.1.5-3ubuntu0.23.04.1	2:12.1.5-3ubuntu0.23.04.1
	=23.04
All of
ubuntu/open-vm-tools	<2:12.1.5-3~ubuntu0.22.04.2	2:12.1.5-3~ubuntu0.22.04.2
	=22.04
All of
ubuntu/open-vm-tools	<2:11.3.0-2ubuntu0~ubuntu20.04.5	2:11.3.0-2ubuntu0~ubuntu20.04.5
	=20.04
All of
ubuntu/open-vm-tools	<2:11.0.5-4ubuntu0.18.04.3+esm1	2:11.0.5-4ubuntu0.18.04.3+esm1
	=18.04
All of
ubuntu/open-vm-tools	<2:10.2.0-3~ubuntu0.16.04.1+esm2	2:10.2.0-3~ubuntu0.16.04.1+esm2
	=16.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2023-20867

Frequently Asked Questions

What is the vulnerability ID of USN-6257-1?
The vulnerability ID of USN-6257-1 is CVE-2023-20867.
What is the impact of CVE-2023-20867?
CVE-2023-20867 can allow a fully compromised ESXi host to force Open VM Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
How can I fix the Open VM Tools vulnerability in Ubuntu 23.04?
To fix the Open VM Tools vulnerability in Ubuntu 23.04, update the package to version 2:12.1.5-3ubuntu0.23.04.1.
How can I fix the Open VM Tools vulnerability in Ubuntu 22.04?
To fix the Open VM Tools vulnerability in Ubuntu 22.04, update the package to version 2:12.1.5-3~ubuntu0.22.04.2.
How can I fix the Open VM Tools vulnerability in Ubuntu 20.04?
To fix the Open VM Tools vulnerability in Ubuntu 20.04, update the package to version 2:11.3.0-2ubuntu0~ubuntu20.04.5.
How can I fix the Open VM Tools vulnerability in Ubuntu 18.04?
To fix the Open VM Tools vulnerability in Ubuntu 18.04, update the package to version 2:11.0.5-4ubuntu0.18.04.3+esm1.
How can I fix the Open VM Tools vulnerability in Ubuntu 16.04?
To fix the Open VM Tools vulnerability in Ubuntu 16.04, update the package to version 2:10.2.0-3~ubuntu0.16.04.1+esm2.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/usn
source/Ubuntu
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/23.04
version/ubuntu ubuntu/22.04
version/ubuntu ubuntu/20.04
version/ubuntu ubuntu/18.04
version/ubuntu ubuntu/16.04