Search the VMware Knowledge Base (KB)
View by Article ID

VMware ESXi 5.5, Patch ESXi-5.5.0-20170304001-standard (2149578)

  • 0 Ratings

Details

Profile Name
ESXi-5.5.0-20170304001-standard
Build
For build information, see KB 2149576.
Vendor
VMware, Inc.
Release Date
Mar 28, 2017
Acceptance Level
PartnerSupported
Affected Hardware
N/A
Affected Software
N/A
Affected VIBs
VMware_bootbank_esx-base_5.5.0-3.101.5230635
PRs Fixed
N/A
Related CVE numbers
CVE-2017-4904, CVE-2017-4905

Solution

Summaries and Symptoms

This patch resolves the following issues:

  • The ESXi XHCI controller has uninitialized memory usage. This issue may lead to a Denial of Service of the guest VM. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4904 to this issue.

  • ESXi has uninitialized memory usage. This issue may lead to an information leak. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4905 to this issue.

Deployment Considerations

None beyond the required patch bundles and reboot information listed in the table above.

Patch Download and Installation

An ESXi system can be updated using the image profile, by using the esxcli software profile command. For details, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide. ESXi hosts can also be updated by manually downloading the patch ZIP file from the Patch Manager Download Portal and installing the VIB by using the esxcli software vib command. 

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 0 Ratings
Actions
KB: