{"id":"CVE-2023-34059","details":"open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the \n/dev/uinput file descriptor allowing them to simulate user inputs.","modified":"2026-05-15T11:53:12.851800097Z","published":"2023-10-27T04:53:31.893Z","related":["ALSA-2023:7265","ALSA-2023:7277","SUSE-SU-2023:4227-1","SUSE-SU-2023:4228-1","SUSE-SU-2023:4229-1","SUSE-SU-2023:4230-1","openSUSE-SU-2024:13374-1"],"database_specific":{"cna_assigner":"vmware","unresolved_ranges":[{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"11.0.0"},{"last_affected":"12.3.0"}]}],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/34xxx/CVE-2023-34059.json"},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2023/10/27/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2023/10/27/3"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2023/11/26/1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2023/11/27/1"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00002.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G7G77Z76CQPGUF7VHRA6O3UFCMPPR4O2/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQUOFQL2SNNNMKROQ3TZQY4HEYMNOIBW/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLTKVTRKQW2GD2274H3UOW6XU4E62GSK/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/34xxx/CVE-2023-34059.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-34059"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5543"},{"type":"ADVISORY","url":"https://www.vmware.com/security/advisories/VMSA-2023-0024.html"},{"type":"EVIDENCE","url":"https://www.openwall.com/lists/oss-security/2023/10/27/3"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}