
VMware ESXi 6.0, Patch Release ESXi600-201703002 (2149672)

Details

ESXi 6.0 Update 1 or patches based on ESXi 6.0 Update 1 require an update to resolve critical security issues CVE-2017-4903 and CVE-2017-4904 and moderate security issue CVE-2017-4905. These issues are documented in VMware Security Advisory VMSA-2017-0006.

This patch addresses these issues.

Release Date: Mar 28, 2017

Download Filename: ESXi600-201703002.zip

Build: 5251621

Download Size: 357.7 MB

md5sum: c63251197ef179b745de3cf109e11e94

sha1sum: 4a7ea1cc359b3ea64a77b599e1dfbf9ac9445962

Host Reboot Required: Yes

Virtual Machine Migration or Shutdown Required: Yes

Bulletins

Bulletin ID | Category | Severity
ESXi600-201703402-SG | Security | Critical

Image Profiles

Image Profile Name
  • ESXi-6.0.0-20170304002-standard
  • ESXi-6.0.0-20170304002-no-tools

Solution

Summaries and Symptoms

This patch updates the esx-base VIB to resolve these issues:
  • ESXi has uninitialized stack memory usage in SVGA. This issue may allow a guest VM to execute code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4903 to this issue.
  • The ESXi XHCI controller has uninitialized memory usage. This issue may allow a guest VM to execute code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4904 to this issue.
  • ESXi has uninitialized memory usage. This issue may lead to an information leak. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4905 to this issue.

Deployment Considerations

Apply this patch to these ESXi hosts:
  • update-from-esxi6.0-6.0_update01.zip or Build #3029758 - Released on 10/09/15
  • ESXi600-201510001.zip or Build #3073146 - Released on 06/10/15
  • ESXi600-201511001.zip or Build #3247720 - Released on 26/11/15
  • ESXi600-201601001.zip or Build #3380124 - Released on 07/01/16
  • ESXi600-201602001.zip or Build #3568940 - Released on 23/02/16

Patch Download and Installation

Download the ESXi600-201703002 Offline Bundle from VMware Downloads.

ESXi hosts can be updated by the following methods:
Note: After patching the ESXi 6.0 hosts with VMware ESXi 6.0, Patch Release ESXi600-201703002, the future upgrade path needs to be to release ESXi600-201703001 and higher to prevent the issue from being reintroduced to the environment.
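
A pre-install check for the downloaded bundle, as an added example that is not part of the original article or VMware's tooling: it streams the file once to compare it with the md5sum and sha1sum published above, and checks a host's build against the list under Deployment Considerations. The function names are hypothetical, and the version line is assumed to have the `build-<number>` form that `vmware -v` prints on the host.

```python
import hashlib
import hmac
import re
import sys

# Digests published in this article for ESXi600-201703002.zip.
PUBLISHED = {
    "md5": "c63251197ef179b745de3cf109e11e94",
    "sha1": "4a7ea1cc359b3ea64a77b599e1dfbf9ac9445962",
}
# Builds listed under "Deployment Considerations".
APPLICABLE_BUILDS = {3029758, 3073146, 3247720, 3380124, 3568940}


def file_digests(path, algorithms=("md5", "sha1"), chunk_size=1 << 20):
    """Hash the file in one streaming pass so the bundle is never held in memory."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def bundle_matches(path, expected=PUBLISHED):
    """True only if every expected digest matches the file on disk."""
    actual = file_digests(path, tuple(expected))
    return all(
        hmac.compare_digest(actual[name], value.strip().lower())
        for name, value in expected.items()
    )


def host_build(version_line):
    """Extract the build number from a version line (assumed `... build-<n>`)."""
    m = re.search(r"build-(\d+)", version_line)
    if m is None:
        raise ValueError(f"no build number in {version_line!r}")
    return int(m.group(1))


def patch_applies(version_line):
    """True if the host's build is one of those this article lists."""
    return host_build(version_line) in APPLICABLE_BUILDS


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: precheck.py <bundle.zip> '<output of vmware -v>'")
    ok = bundle_matches(sys.argv[1]) and patch_applies(sys.argv[2])
    print("OK to install" if ok else "STOP: digest mismatch or build not listed")
    sys.exit(0 if ok else 1)
```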
