
VMware ESXi 3.5, Patch ESXe350-201205401-I-SG: Updates Firmware (2019538)

Details

Release date: May 3, 2012

Download Size: 237.3 MB
Download Filename: ESXe350-201205401-O-SG.zip
md5sum: e2f017e7ef9a1c0ed5e70dbc97ec62d3
sha1sum: 8dab4731acd4e257cc1701aa0a88373727a9e3ae

Product: ESXi 3.5
Build Information: 702112
Patch Classification: Security
Virtual Machine Migration or Shutdown Required: Yes
Host Reboot Required: Yes
PRs Fixed: 856311, 859908, 8664124, 871711
Affected Hardware: N/A
Affected Software: N/A
Related CVE numbers: CVE-2012-1516, CVE-2012-2448, CVE-2012-2449, CVE-2012-2450
 

Solution

Summaries and Symptoms

This patch contains fixes for the following security issues:

VMware host memory overwrite vulnerability (data pointers)

Due to a flaw in the handler function for RPC commands it is possible to manipulate data pointers within the VMX process. This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-1516 to this issue.

The following paragraphs detail workarounds and mitigating controls that might be available to remove the potential for exploiting the issue and to reduce the exposure that the issue poses.

Workaround: Configure virtual machines to use less than 4 GB of memory. Virtual machines that have less than 4 GB of memory are not affected.

Mitigation: Do not allow untrusted users access to your virtual machines. Root or Administrator level permissions are not required to exploit this issue.

ESXi NFS traffic parsing vulnerability

Due to a flaw in the handling of NFS traffic, it is possible to overwrite memory. This vulnerability may allow a user with access to the network to execute code on the ESXi host without authentication. The issue is not present in cases where there is no NFS traffic.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2448 to this issue.

The following paragraphs detail workarounds and mitigating controls that might be available to remove the potential for exploiting the issue and to reduce the exposure that the issue poses.

Workaround: None identified.

Mitigation:

  • Connect only to trusted NFS servers.
  • Segregate the NFS network.
  • Harden your NFS server.


VMware floppy device out-of-bounds memory write

Due to a flaw in the virtual floppy configuration it is possible to perform an out-of-bounds memory write. This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2449 to this issue.

The following paragraphs detail workarounds and mitigating controls that might be available to remove the potential for exploiting the issue and to reduce the exposure that the issue poses.

Workaround: Remove the virtual floppy device from the list of virtual I/O devices. The VMware hardening guides recommend removing unused virtual I/O devices in general.

Mitigation: Do not allow untrusted root users access to your virtual machines. Root or Administrator level permissions are required to exploit this vulnerability.

VMware SCSI device unchecked memory write

Due to a flaw in the SCSI device registration it is possible to perform an unchecked write into memory. This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2450 to this issue.

The following paragraphs detail workarounds and mitigating controls that might be available to remove the potential for exploiting the issue and to reduce the exposure that the issue poses.

Workaround: Remove the virtual SCSI controller from the list of virtual I/O devices. The VMware hardening guides recommend removing unused virtual I/O devices in general.

Mitigation: Do not allow untrusted root users access to your virtual machines. Root or Administrator level permissions are required to exploit this issue.
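The three guest-side workarounds above (memory below 4 GB for CVE-2012-1516, no virtual floppy for CVE-2012-2449, no virtual SCSI controller for CVE-2012-2450) can be checked against a virtual machine's .vmx file before the patch is applied. The following is an added example, not VMware code: it assumes the usual .vmx keys `memsize` (in MB), `floppyN.present` and `scsiN.present`; the function names and the sample configuration are constructed for illustration.

```python
import re

# A .vmx file is a list of lines of the form: key = "value"
_VMX_LINE = re.compile(r'^\s*([^#\s=]+)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Return {lowercased key: value} for every key = "value" line."""
    cfg = {}
    for line in text.splitlines():
        m = _VMX_LINE.match(line)
        if m:
            cfg[m.group(1).lower()] = m.group(2)
    return cfg

def _present(cfg, prefix):
    """Device names (floppy0, scsi1, ...) whose .present flag is TRUE."""
    pat = re.compile(r'^(%s\d+)\.present$' % prefix)
    return sorted(m.group(1) for k, v in cfg.items()
                  if (m := pat.match(k)) and v.strip().lower() == "true")

def audit_vmx(text):
    """List (CVE id, reason) pairs for workarounds this VM does not meet."""
    cfg = parse_vmx(text)
    findings = []
    try:
        mem_mb = int(cfg.get("memsize", "0"))  # assumption: absent means small default
    except ValueError:
        mem_mb = 0
        findings.append(("config", "memsize is not an integer; check manually"))
    if mem_mb >= 4096:  # workaround requires less than 4 GB
        findings.append(("CVE-2012-1516", "memsize=%d MB, not below 4 GB" % mem_mb))
    for dev in _present(cfg, "floppy"):
        findings.append(("CVE-2012-2449", "%s present; remove if unused" % dev))
    for dev in _present(cfg, "scsi"):  # controllers only, not scsi0:0 disks
        findings.append(("CVE-2012-2450", "%s present; remove if unused" % dev))
    return findings

# Constructed sample configuration, not taken from a real host.
SAMPLE_VMX = '''\
displayName = "build-agent-01"
memsize = "8192"
floppy0.present = "TRUE"
scsi0.present = "TRUE"
scsi0:0.present = "TRUE"
'''

if __name__ == "__main__":
    print(audit_vmx(SAMPLE_VMX))
```
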

Patch Download and Installation

Note: All virtual machines on the ESXi host must be either shut down or migrated using vMotion before applying the patch. You must reboot the ESXi host after applying this patch.

Note: ESXi hosts do not reboot automatically when you patch with the offline bundle.
