Security Response to CAN-2004-1235: Audit Warns of Possible Vulnerability in the uselib Function in the 2.4 Linux Kernel (1654)
A security software audit warns that an ESX Server machine may have the security vulnerability described at:
How can I protect the server? Does VMware have a fix for this?
Certain functions in the uselib library do not handle VMA descriptors correctly, possibly allowing an unauthorized user to gain superuser priviledges. VMware includes updates to repair this vulnerability for ESX Server 2.1.x and 2.0.x in the following upgrade patches:VMware ESX Server 2.5.1.