{"id":"AZL-31733","summary":"CVE-2023-34059 affecting package open-vm-tools for versions less than 11.3.0-3","details":"open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the \n/dev/uinput file descriptor allowing them to simulate user inputs.","modified":"2026-04-01T05:10:22.546641Z","published":"2023-10-27T05:15:39Z","upstream":["CVE-2023-34059"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-34059"}],"affected":[{"package":{"name":"open-vm-tools","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/open-vm-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"11.3.0-3"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-31733.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}