VMware ESX Server 3.0.3, ESX303-200905401-SG: Update to VMware-esx-tools RPM (1009940)
This patch fixes the following issues:
- Denial of service vulnerability that could be triggered in a guest operating system by an unprivileged, locally logged-on user to the virtual machine.
Virtual machines are affected under the following conditions:
- The virtual machine is running a Windows operating system.
- The VMware Descheduled Time Accounting driver is installed in the virtual machine. Note that this is an optional (non-default) part of the VMware Tools installation.
- The VMware Descheduled Time Accounting Service is not running in the virtual machine
Please refer to VMSA-2009-0007 for the steps needed to remediate this vulnerability. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-1805 to this issue.
- Occurrence of [2355.842517] <unknown>: hw csum failure error message in the console after installing 32-bit Ubuntu 7.04 virtual machines or later versions.
Patch Download and Installation
See the VMware Update Manager Administration Guide for instructions on using VMware Update Manager to download and install patches to automatically update ESX Server 3.0.3 hosts.
To update ESX Server 3.0.3 hosts when not using VMware Update Manager, download the most recent patch bundle from http://support.vmware.com/selfsupport/download/ and install the bundle using esxupdate from the command line of the host. For more information, see the ESX Server 3 Patch Management Guide.