ESX Server 3.0.1, Patch Bundle ESX-6431040: Security Fix For Buffer Overflow Issue (6431040)
The following patches are contained within this bundle:
This bundle is a group of patches to resolve two possible security issues. They are as follows:
- An internal security audit revealed a double free condition. It may be possible for an attacker to influence the operation of the system. In most circumstances, this influence will be limited to denial of service or information leakage, but it is theoretically possible for an attacker to insert arbitrary code into a running program. This code would be executed with the permissions of the vulnerable program. There are no known exploits for this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2007-1270 to this issue.
- An internal security audit revealed a potential buffer overflow condition. There are no known vulnerabilities, but such vulnerabilities might be used to elevate privileges or to crash the application and thus cause a denial of service.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2007-1271 to this issue.
|Note: All the patches in this bundle must be applied for the security fixes described above to be complete.|
In addition to a required component of the buffer overflow fix, patch ESX-1161870 also provides a fix for an issue where taking a snapshot of a Solaris 10 (32-bit or 64-bit) virtual machine can cause a loss of networking to that virtual machine.
The patches in this bundle are for ESX Server 3.0.1 only. For the related bundle for ESX Server 3.0.0, please refer to http://kb.vmware.com/kb/5754280.
Download and verify the patch bundle as follows:
- Download patch ESX-6431040 from http://www.vmware.com/download/vi/vi3_patches.html.
- Log into the ESX Server service console as root.
- Create a local depot directory.
# mkdir /var/updates
Note: VMware recommends that you use the updates directory.
- Change your working directory to /var/updates.
# cd /var/updates
- Download the tar file into the /var/updates directory.
- Verify the integrity of the downloaded tar file.
# md5sum ESX-6431040.tgz
The md5 checksum output should match the following:
- Extract the compressed tar archive:
# tar -xvzf ESX-6431040.tgz
- Change to the newly created directory, /var/updates/ESX-6431040.
# cd ESX-6431040
For ESX Server versions 3.x, patches are installed using the esxupdate utility on the ESX Server host. This patch bundle makes use of esxupdate and a script that helps you to install multiple patches. With the script, you can choose to install all or only a few of the patches contained within the bundle, or you can choose to use the esxupdate without the script. For installation instructions for each method, see the following sections.
For more information on using esxupdate, refer to the Patch Management for ESX Server 3 tech note at http://www.vmware.com/pdf/esx3_esxupdate.pdf.
|Note: All virtual machines on the host must be either shut down or migrated using VMotion before applying the patch. A reboot of the ESX Server host is not required.|
Installing the Patches Using the install_patches Script
Install all the patch updates using the install_patches script command provided in the patch tar file. The install_patches script will help prompt you to decide if you want to apply all or some patch bundles. Once you have downloaded and extracted the archive, and if you are in the directory you created above, start the script as follows:
When the script has completed all of the patch installations, it will prompt you whether you want to reboot the ESX Server host.
Installing the Patches Individually Using esxupdate
Once you have downloaded and extracted the archive, if you are in the bundle's main directory, you will need to change to the directory of the patch you want to install as follows:
# cd ESX-xxxxxx
The full path will now be something like /var/updates/ESX-6431040/ESX-xxxxxx, where ESX-xxxxxx is the patch number you want to install. To install the update, issue the following command:
# esxupdate update
If you want to run esxupdate from a different directory, you must specify the path in the command:
# esxupdate -r file://<directory>/ESX-xxxxxx update
For example, if the host is called depot:
# esxupdate –r file:///depot/var/updates/ESX-xxxxxx update
During the update process, logs appear on the terminal. You can specify the verbosity of esxupdate logs by using the -v option as shown below:
# esxupdate -v 10 -r file://<directory>/ESX-xxxxxx update