Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

VMware ESX 3.5, Patch ESX350-200809404-SG: Security Update to VMware-esx-vmx (1007089)

Details

Release Date: 03-Oct-2008

Download Size:
107MB
Download Filename:
ESX350-200809404-SG.zip
md5sum:
ee7e7f09e3a1e0aa4cc4b042a9a91a22



Product Versions ESX 3.5
Patch Classification Security
Supersedes ESX350-200802401-BG
ESX350-200802411-BG
ESX350-200712410-BG
ESX350-200804402-BG
ESX350-200804403-BG
ESX350-200806405-BG
ESX350-200806812-BG
Requires ESX350-200808201-UG
ESX350-200808401-BG
ESX350-200808408-BG
Virtual Machine Migration or Shutdown Required Yes
ESX Host Reboot Required Yes
PRs Fixed

309809 319964 327164

Affected Hardware

Systems with AMD Barcelona processors running ESX 3.5 U1 or U2

Affected Software Guest operating systems: 64-bit Windows, 64-bit FreeBSD
RPMs Included
VMware-hostd-esx
VMware-esx-vmkctl
VMware-esx-vmx
Related CVE numbers CVE-2008-4279



Solution

Summaries and Symptoms

This patch fixes the following issues:

  • VMware addresses an in-guest privilege escalation on 64-bit guest operating systems.

    VMware products emulate hardware functions including CPU, memory, and I/O.

    A flaw in VMware's CPU hardware emulation could allow the virtual CPU to jump to an incorrect memory address. Exploitation of this issue on the guest operating system does not lead to a compromise of the host system, but could lead to a privilege escalation on guest operating systems. An attacker would need to have a user account on the guest operating system.

    Affected guest operating systems include 64-bit Windows, 64-bit FreeBSD, and possibly other 64-bit operating systems.

    The issue does not affect the 64-bit versions of Linux guest operating systems.

    VMware would like to thank Derek Soeder for discovering this issue and working with us on its remediation.

    The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4279 this issue.

  • VI Client shows host as not responding during HA-DRS cluster operations.

    During HA-DRS cluster operations like adding or removing a host from a DRS cluster or applying DRS recommendations, the VI Client might show the host as "Not responding," even when the host IP can be reached.

    Note: This patch in conjunction with VirtualCenter 2.5 Update 3 (upcoming release) provides a full resolution to this issue.

  • VMware has identified an issue on systems with AMD Barcelona processors running ESX/ESXi 3.5 Update 1 or Update 2. While performing a VMotion from or to one of these systems, the virtual machine might fail to respond with the following symptoms:

    • Virtual machines running Microsoft 64-bit Windows operating systems might crash (blue screen) with the message: mfehidk.sys PAGE_FAULT_IN_NONPAGED_AREA.

    • Virtual machines running Linux 64-bit operating systems might experience a panic.

      Note: Some customers have seen this behavior using anti-virus software in the previously-mentioned environments.

      For a full description of this problem and its pre-patch workaround, see http://kb.vmware.com/kb/1007072.

Deployment Considerations

None beyond the required patch bundles and reboot information listed in the table, above.

Patch Download and Installation

See the VMware Update Manager Administration Guide for instructions on using Update Manager to download and install patches to automatically update ESX Server 3.5 hosts.

To update ESX Server 3.5 hosts when not using Update Manager, download the most recent patch bundle from http://support.vmware.com/selfsupport/download/ and install the bundle using esxupdate from the command line of the host. For more information, see the ESX Server 3 Patch Management Guide.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 5 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 5 Ratings
Actions
KB: