VMware ESX Server 2.0.1 Security Update
This patch includes a new update for ESX Server 2.0.1 and addresses a vulnerability in the Linux kernel. In ESX Server, the service console is implemented using a
modified Linux distribution. A security bug has been discovered
in the Linux kernel within the sbrk() function. A user could execute
the sbrk() system call with invalid values and cause the
kernel to map its memory into the user application. This patch
includes a new update for ESX Server 2.0.1 and addresses the
vulnerability in the Linux kernel.
Details on this advisory are available at:
Note: This patch only works if you have ESX Server
2.0.1 build 6403. Please make sure that this build is
installed before applying the patch.
Installing the Update
This update will require a reboot of your ESX server to
take effect. You must shutdown your virtual machines
before installing the patch.
Log in as root into the ESX Server 2.0.1 service console.
- Your path variable should contain /usr/bin:/bin.
Download the tar file, into a temporary directory, for
example /tmp, on your ESX service console.
Change directories to /tmp:
Verify the integrity of the package:
The md5 checksum output should match the following:
Extract the compressed tar archive:
tar -xvzf esx201_patch_6687.tar.gz
You will see the following output:
Change directories to the newly created directory,
Run the driver installer:
The drivers are now updated.
Reboot your ESX Server machine for the update to take effect.