Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

VMware ESXi 4.0, Patch ESXi400-201302402-SG: Updates VMware Tools (2041347)

Details

Release date: February 07, 2013

Patch Classification Security
See KB 2014447 if using Update Manager 5.0
Build For build information, see KB 2041344.
Host Reboot Required No
Virtual Machine Migration or Shutdown Required No
PRs Fixed 915379
Affected Hardware N/A
Affected Software N/A
Related CVE number CVE-2013-1406


Solution

Summaries and Symptoms

This patch resolves an issue where due to defective handling of some I/O control codes, the vmci.sys driver might allow privilege escalation on Windows guest operating systems. A malicious user can exploit this vulnerability to manipulate the memory allocation through the Virtual Machine Communication Interface (VMCI) code.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-1406 to this issue.

Deployment Considerations

None beyond the required patch bundles and reboot information listed in the table above.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is through the VMware Update Manager. For details, see the VMware vCenter Update Manager Administration Guide.

ESXi hosts can also be updated using vSphere Host Update Utility or by manually downloading the patch ZIP file from the VMware download page and installing the bulletin by using the vihostupdate command through the vSphere CLI. For details, see the vSphere CLI Installation and Reference Guide and the vSphere Upgrade Guide.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 0 Ratings
Actions
KB: