An open-vm-tools security update has been released for Debian GNU/Linux 9 Extended LTS to address a vulnerability where a malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.

ELA-955-1 open-vm-tools security update

Package : open-vm-tools
Version : 2:10.1.5-5055683-4+deb9u5 (stretch)

Related CVEs :
CVE-2023-20900

A security vulnerability was found in the Open VMware Tools. A malicious actor
that has been granted Guest Operation Privileges in a target virtual machine
may be able to elevate their privileges if that target virtual machine has
been assigned a more privileged Guest Alias.

ELA-955-1 open-vm-tools security update