Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides

Search the VMware Knowledge Base (KB)

View by Article ID

VMware ESX Server 3.5, Patch ESX350-200802406-SG: Updated aacraid Driver (1003449)

Details

Release Date: 3/10/2008
Document Last Updated: 3/10/2008

Download Size:
88 KB
Download Filename:
ESX350-200802406-SG.zip
md5sum:
408a8a5aefde2ce33dec78cb01f80aca

Product Versions	ESX Server 3.5
Patch Classification	Security
Supersedes	None
Dependencies	ESX350-200802403-BG ESX350-200802409-BG
Virtual Machine Migration or Reboot Required	Yes
ESX Server Host Reboot Required	Yes
PRs Fixed	226838
Affected Hardware	N/A
Affected Software	Unknown
RPMs Included	VMware-esx-drivers-scsi-aacraid_esx30 kernel-vmnix
Related CVE numbers	CVE-2007-4308

Summary

This patch fixes a flaw in how the aacraid SCSI driver checked IOCTL command permissions. This flaw can allow a local user on the service console to cause a denial of service or gain privileges. Thanks to Adaptec for reporting this issue.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-4308 to this issue.

Solution

Symptoms

N/A

Deployment Considerations

Patch bundles ESX350-200802403-BG and ESX350-200802409-BG must be installed prior to installing this patch. The esxupdate utility will check to ensure ESX350-200802403-BG and ESX350-200802409-BG are installed before proceeding with installation of this patch.

Patch Download and Installation

To automatically download and install patches on your ESX Server 3.5 hosts, use the VMware Update Manager. For more information, see the Update Manager Administration Guide at http://www.vmware.com/pdf/vi3_vum_10_admin_guide.pdf.

To manually update ESX Server 3.5 hosts, download the most recent patch bundle from http://www.vmware.com/download/vi/vi3_patches_35.html and install the bundle using esxupdate on the service console. For more information about using esxupdate, see the ESX Server 3 Patch Management Guide at http://www.vmware.com/pdf/vi3_35/esx_3/r35/vi3_35_25_esxupdate.pdf.

Keywords

alertz; RHSA-2007:0940-01

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

1 2 3 4 5
1 Ratings

1 2 3 4 5
1 Ratings

Actions

Bookmark Document

KB:

Did this article help you?
This article resolved my issue. This article did not resolve my issue. This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)