-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0017 Synopsis: VMware ESX third party update for Service Console kernel Issue date: 2010-11-29 Updated on: 2010-11-29 (initial release of advisory) CVE numbers: CVE-2010-3081 - ------------------------------------------------------------------------ 1. Summary ESX Service Console OS (COS) kernel update. 2. Relevant releases VMware ESX 4.1 without patch ESX410-201011001 3. Problem Description a. Service Console OS update for COS kernel package. This patch updates the Service Console kernel to fix a stack pointer underflow issue in the 32-bit compatibility layer. Exploitation of this issue could allow a local user to gain additional privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-3081 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected hosted * any any not affected ESXi any ESXi not affected ESX 4.1 ESX ESX410-201011402-SG ESX 4.0 ESX patch pending ESX 3.x ESX not applicable * hosted products are VMware Workstation, Player, ACE, Fusion. 4. Solution Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file. ESX 4.1 ------- ESX410-201011001 Download link: https://hostupdate.vmware.com/software/VUM/OFFLINE/release-253-20101122-763 417/ESX410-201011001.zip md5sum: e73fd3302529c1d85d9cc47457dfb963 sha1sum: c0e0eac907c04105791ac44e288e7d8076dc14e0 http://kb.vmware.com/kb/1029400 ESX410-201011001 contains the following security bulletins: ESX410-201011402-SG (COS kernel) | http://kb.vmware.com/kb/1029397 ESX410-201011001 also contains the following non-security bulletins ESX410-201011401-BG To install an individual bulletin use esxupdate with the -b option. 5. References CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081 - ------------------------------------------------------------------------ 6. Change log 2010-11-29 VMSA-2010-0017 Initial security advisory after release of patches for ESX 4.1 on 2010-11-29 - ----------------------------------------------------------------------- 7. Contact E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce This Security Advisory is posted to the following lists: * security-announce at lists.vmware.com * bugtraq at securityfocus.com * full-disclosure at lists.grok.org.uk E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055 VMware Security Center http://www.vmware.com/security VMware Security Advisories http://www.vmware.com/security/advisories VMware security response policy http://www.vmware.com/support/policies/security_response.html General support life cycle policy http://www.vmware.com/support/policies/eos.html VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html Copyright 2010 VMware Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8 wj8DBQFM9JzeS2KysvBH1xkRArPiAJ9KJBRsWfLT9rfk4wqN2hIz0Yh15wCfS2CW x3JECZ+Qw+nFI8EfioAmlaQ= =/OSY -----END PGP SIGNATURE-----