Urgent open-vm-tools security update fixes CVE-2025-22247 vulnerability affecting SUSE Linux Enterprise 15 SP6, openSUSE Leap 15.6, and VMware environments. Learn how to patch insecure file handling and prevent exploits with this critical patch.
Why This Update Matters
A newly discovered vulnerability (CVE-2025-22247) in open-vm-tools (v12.5.2) could allow local attackers to escalate privileges via insecure file handling. This moderate-risk flaw affects major enterprise systems, including:
✅ SUSE Linux Enterprise Server 15 SP6
✅ SUSE Linux Enterprise Desktop 15 SP6
✅ openSUSE Leap 15.6
✅ VMware virtualized environments
With a CVSS score of 6.9, this flaw could lead to data leaks or system compromises if left unpatched.
Key Fixes in This Update
Security Patches
🔒 CVE-2025-22247 – Insecure file handling vulnerability resolved (Bug #1243106)
Performance & Compatibility Fixes
⚙️ Fixed GCC 15 compile-time errors (Bug #1241938)
⚙️ Improved containerd 1.7.25+ compatibility (Bug #1237147)
Full changelog:
GitHub Release Notes | Detailed ChangeLog
How to Install the Update
For openSUSE Leap 15.6 / SUSE Linux Enterprise
Run the following command via terminal:
zypper in -t patch SUSE-2025-1565=1
Alternative methods:
✔ YaST Online Update (GUI)
✔ Manual download from SUSE Security Portal
Affected Packages
| Module | Package | Version |
|---|---|---|
| Basesystem | libvmtools0 | 12.5.2-150600.3.12.1 |
| Containers | open-vm-tools-containerinfo | 12.5.2-150600.3.12.1 |
| Desktop Applications | open-vm-tools-desktop | 12.5.2-150600.3.12.1 |
Why Prompt Patching is Crucial
🚨 VMware tools are widely used in enterprise virtualization, making this update essential for:
System administrators managing cloud infrastructure
DevOps teams using SUSE-based containers
IT security professionals mitigating local privilege escalation risks
Delaying patches increases exposure to malware, data breaches, and compliance violations.
FAQ: Open-VM-Tools Security Update
Q: Is this vulnerability exploitable remotely?
A: No—CVE-2025-22247 requires local access (CVSS: AV:L).
Q: Does this affect non-SUSE distributions?
A: Only if using open-vm-tools 12.5.2 or earlier. Check your vendor’s advisory.
Q: How do I verify the patch is installed?
A: Run `zypper patches | grep SUSE-2025-1565` or check package versions.
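To "check package versions" across several hosts, the script below compares each installed package against the fixed build listed in the Affected Packages table. It is an added example, not part of the SUSE advisory or the open-vm-tools project; the function names and the sample input are constructed for illustration, and `sort -V` is used as an approximation of RPM version ordering.

```bash
#!/bin/sh
# Added example: audit open-vm-tools packages against the fixed build.
# FIXED is the version-release from the "Affected Packages" table.
FIXED="12.5.2-150600.3.12.1"

# ver_ge A B: succeed when A >= B. `sort -V` approximates RPM ordering,
# which is adequate for version-release strings of the same shape.
ver_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# audit_packages: read "name version-release" lines on stdin, print one
# verdict per package, return 1 if any package is older than FIXED.
audit_packages() {
    rc=0
    while read -r name ver rest; do
        # Skip blank lines and rpm's "package X is not installed" lines.
        case "$name" in ""|package) continue ;; esac
        [ -n "$ver" ] || continue
        if ver_ge "$ver" "$FIXED"; then
            echo "OK         $name $ver"
        else
            echo "VULNERABLE $name $ver (need >= $FIXED)"
            rc=1
        fi
    done
    return "$rc"
}

# audit_live: query the three packages named in the table on this host.
audit_live() {
    rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' \
        libvmtools0 open-vm-tools-containerinfo open-vm-tools-desktop \
        2>/dev/null | audit_packages
}

# Constructed sample (not real host output): one patched package and one
# hypothetical older build, used when rpm is not available.
SAMPLE='libvmtools0 12.5.2-150600.3.12.1
open-vm-tools-desktop 12.5.0-150600.3.9.1'

if command -v rpm >/dev/null 2>&1; then
    audit_live || echo "Action needed: zypper in -t patch SUSE-2025-1565=1"
else
    printf '%s\n' "$SAMPLE" | audit_packages || true
fi
```

Packages that are not installed are skipped, so a host with only `libvmtools0` present is judged on that package alone.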