VMSA-2010-0017.1

VMware ESX third party update for Service Console kernel

VMware Security Advisory
 
VMware Security Advisory Advisory ID:
  VMSA-2010-0017.1
VMware Security Advisory Synopsis:
  VMware ESX third party update for Service Console kernel
VMware Security Advisory Issue date:
  2010-11-29
VMware Security Advisory Updated on:
  2011-01-04
VMware Security Advisory CVE numbers:
  CVE-2010-3081
1. Summary

ESX Service Console OS (COS) kernel update.

2. Relevant releases

VMware ESX 4.1 without patch ESX410-201011402-SG
VMware ESX 4.0 without patch ESX400-201101401-SG

3. Problem Description

a. Service Console OS update for COS kernel packag
This patch updates the Service Console kernel to fix a stack pointer underflow issue in the 32-bit compatibility layer.

Exploitation of this issue could allow a local user to gain additional privileges.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-3081 to this issue.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

VMware Product =============
Product version ========
Running on =======
Replace with/ Apply Patch =================
VMware Product ============= VirtualCenter
Product version ======== any
Running on ======= Windows
Replace with/ Apply Patch ================= not affected
VMware Product ============= hosted *
Product version ======== any
Running on ======= any
Replace with/ Apply Patch ================= not affected
VMware Product ============= ESXi
Product version ======== any
Running on ======= ESXi
Replace with/ Apply Patch ================= not affected
VMware Product ============= ESX
Product version ======== 4.1
Running on ======= ESX
Replace with/ Apply Patch ================= ESX410-201011402-SG
VMware Product ============= ESX
Product version ======== 4.0
Running on ======= ESX
Replace with/ Apply Patch ================= ESX400-201101401-SG **
VMware Product ============= ESX
Product version ======== 3.x
Running on ======= ESX
Replace with/ Apply Patch ================= not applicable


* hosted products are VMware Workstation, Player, ACE, Fusion.
** ESX 4.0 patch ESX400-201101401-SG also addresses the issues identified by CVE-2010-0415, CVE-2010-0307, CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1437, and CVE-2010-1088. These issues have been addressed for ESX 4.1 in an earlier ESX 4.1 patch release, see VMSA-2010-0016.1 for details.

4. Solution

Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.

ESX 4.1
-------
ESX410-201011001
Download link:
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-253-20101122-763417/ESX410-201011001.zip
md5sum: e73fd3302529c1d85d9cc47457dfb963
sha1sum: c0e0eac907c04105791ac44e288e7d8076dc14e0

http://kb.vmware.com/kb/1029400

ESX410-201011001 contains the following security bulletins:
ESX410-201011402-SG (COS kernel) |
http://kb.vmware.com/kb/1029397

ESX410-201011001 also contains the following non-security bulletins
ESX410-201011401-BG

To install an individual bulletin use esxupdate with the -b option.

ESX 4.0
-------
ESX400-201101001
Download link:
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-257-20101231-664659/ESX400-201101001.zip
md5sum: f1d522b380692e0845eb0dda480ab890
sha1sum: 906989af3ddacc41321d685c4afe0d740856f9d5

http://kb.vmware.com/kb/1029426

ESX400-201101001 contains the following security bulletins:
ESX400-201101401-SG (COS kernel) |
http://kb.vmware.com/kb/1029424
ESX400-201101405-SG (glibc) |
http://kb.vmware.com/kb/1029881
ESX400-201101404-SG (sudo) |
http://kb.vmware.com/kb/1029421
ESX400-201101402-SG (openldap) |
http://kb.vmware.com/kb/1029423

ESX400-201101405-SG, ESX400-201101404-SG and ESX400-201101402-SG
are documented in VMSA-2011-0001.

To install an individual bulletin use esxupdate with the -b option.

6. Change log

2010-11-29 VMSA-2010-0017
Initial security advisory after release of patches for ESX 4.1
on 2010-11-29
2011-01-04 VMSA-2010-0017.1
Updated security advisory in conjunction with the release of patches
for ESX 4.0 on 2011-01-04

7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  • security-announce at lists.vmware.com
  • bugtraq at securityfocus.com
  • full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com
PGP key at:
http://kb.vmware.com/kb/1055

VMware Security Center
http://www.vmware.com/security

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware security response policy
http://www.vmware.com/support/policies/security_response.html

General support life cycle policy
http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html

Copyright 2010 VMware Inc. All rights reserved.

 

Sign up for Security Advisories

Enter your email address: