Knowledge Base
Search the Knowledge Base: |
Search the Knowledge Base: |
VMware ESX Server 3.5, Patch ESX350-200802406-SG: Updated aacraid Driver
Details
Release Date: 3/10/2008
Document Last Updated: 3/10/2008
|
Download Size: 88 KB Download Filename: ESX350-200802406-SG.zip md5sum: 408a8a5aefde2ce33dec78cb01f80aca |
|
Summary
This patch fixes a flaw in how the aacraid SCSI driver checked IOCTL command permissions. This flaw can allow a local user on the service console to cause a denial of service or gain privileges. Thanks to Adaptec for reporting this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-4308 to this issue.
Solution
Symptoms
N/A
Deployment Considerations
Patch bundles ESX350-200802403-BG and ESX350-200802409-BG must be installed prior to installing this patch. The esxupdate utility will check to ensure ESX350-200802403-BG and ESX350-200802409-BG are installed before proceeding with installation of this patch.
Patch Download and Installation
To automatically download and install patches on your ESX Server 3.5 hosts, use the VMware Update Manager. For more information, see the Update Manager Administration Guide at http://www.vmware.com/pdf/vi3_vum_10_admin_guide.pdf.
To manually update ESX Server 3.5 hosts, download the most recent patch bundle from http://www.vmware.com/download/vi/vi3_patches_35.html and install the bundle using esxupdate on the service console. For more information about using esxupdate, see the ESX Server 3 Patch Management Guide at http://www.vmware.com/pdf/vi3_35/esx_3/r35/vi3_35_25_esxupdate.pdf.
Keywords
Feedback
- KB Article: 1003449
- Updated: Aug 14, 2009
- Products:
VMware ESX - Product Versions:
VMware ESX 3.5.x