[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2011-0012
Synopsis:          VMware ESXi and ESX updates to third party libraries
                   and ESX Service Console
Issue date:        2011-10-12
Updated on:        2011-10-12 (initial release of advisory)
CVE numbers:       --- COS Kernel ---
                   CVE-2010-1083, CVE-2010-2492, CVE-2010-2798,
                   CVE-2010-2938, CVE-2010-2942, CVE-2010-2943,
                   CVE-2010-3015, CVE-2010-3066, CVE-2010-3067,
                   CVE-2010-3078, CVE-2010-3086, CVE-2010-3296,
                   CVE-2010-3432, CVE-2010-3442, CVE-2010-3477,
                   CVE-2010-3699, CVE-2010-3858, CVE-2010-3859,
                   CVE-2010-3865, CVE-2010-3876, CVE-2010-3877,
                   CVE-2010-3880, CVE-2010-3904, CVE-2010-4072,
                   CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,
                   CVE-2010-4081, CVE-2010-4083, CVE-2010-4157,
                   CVE-2010-4158, CVE-2010-4161, CVE-2010-4238,
                   CVE-2010-4242, CVE-2010-4243, CVE-2010-4247,
                   CVE-2010-4248, CVE-2010-4249, CVE-2010-4251,
                   CVE-2010-4255, CVE-2010-4263, CVE-2010-4343,
                   CVE-2010-4346, CVE-2010-4526, CVE-2010-4655,
                   CVE-2011-0521, CVE-2011-0710, CVE-2011-1010,
                   CVE-2011-1090, CVE-2011-1478
                   --- COS krb5 ---
                   CVE-2010-1323, CVE-2011-0281, CVE-2011-0282
                   --- glibc library ---
                   CVE-2010-0296, CVE-2011-0536, CVE-2011-1071,
                   CVE-2011-1095, CVE-2011-1658, CVE-2011-1659
                   --- mtp2sas ---
                   CVE-2011-1494, CVE-2011-1495
                   
- ------------------------------------------------------------------------

1. Summary

   VMware ESXi and ESX updates to third party libraries and ESX Service
   Console address several security issues.

2. Relevant releases

   ESXi 4.0 without patch ESXi400-201110401-SG.

   ESX 4.0 without patches ESX400-201110401-SG, ESX400-201110403-SG,
   ESX400-201110409-SG

3. Problem Description

 a. ESX third party update for Service Console kernel

    This update takes the console OS kernel package to
    kernel-2.6.18-238.9.1 which resolves multiple security issues.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2010-1083, CVE-2010-2492, CVE-2010-2798,
    CVE-2010-2938, CVE-2010-2942, CVE-2010-2943, CVE-2010-3015,
    CVE-2010-3066, CVE-2010-3067, CVE-2010-3078, CVE-2010-3086,
    CVE-2010-3296, CVE-2010-3432, CVE-2010-3442, CVE-2010-3477,
    CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865,
    CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3904,
    CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,
    CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4158,
    CVE-2010-4161, CVE-2010-4238, CVE-2010-4242, CVE-2010-4243,
    CVE-2010-4247, CVE-2010-4248, CVE-2010-4249, CVE-2010-4251,
    CVE-2010-4255, CVE-2010-4263, CVE-2010-4343, CVE-2010-4346,
    CVE-2010-4526, CVE-2010-4655, CVE-2011-0521, CVE-2011-0710,
    CVE-2011-1010, CVE-2011-1090 and CVE-2011-1478 to these issues.  

    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.

    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected

    ESXi           any       ESXi     not affected

    ESX            5.0       ESX      not affected
    ESX            4.1       ESX      patch pending
    ESX            4.0       ESX      ESX400-201110401-SG
    ESX            3.5       ESX      not applicable
    ESX            3.0.3     ESX      not applicable
 
    * hosted products are VMware Workstation, Player, ACE, Fusion.

 b. ESX third party update for Service Console krb5 RPMs

    This patch updates the krb5-libs and krb5-workstation RPMs of the
    console OS to version 1.6.1-55.el5_6.1, which resolves multiple
    security issues.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2010-1323, CVE-2011-0281, and CVE-2011-0282 to
    these issues.

    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.

    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected

    ESXi           any       ESXi     not affected

    ESX            5.0       ESX      not affected
    ESX            4.1       ESX      patch pending
    ESX            4.0       ESX      ESX400-201110403-SG
    ESX            3.5       ESX      not applicable
    ESX            3.0.3     ESX      not applicable
 
    * hosted products are VMware Workstation, Player, ACE, Fusion.

 c. ESXi and ESX update to third party component glibc
      
    The glibc third-party library is updated to resolve multiple
    security issues.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2010-0296, CVE-2011-0536, CVE-2011-1071,
    CVE-2011-1095, CVE-2011-1658, and CVE-2011-1659 to these issues.

    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.

    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected

    ESXi           4.1       ESXi     patch pending
    ESXi           4.0       ESXi     ESXi400-201110401-SG
    ESXi           3.5       ESXi     patch pending

    ESX            5.0       ESX      patch pending
    ESX            4.1       ESX      patch pending
    ESX            4.0       ESX      ESX400-201110401-SG
    ESX            3.5       ESX      patch pending
    ESX            3.0.3     ESX      no patch planned

    * hosted products are VMware Workstation, Player, ACE, Fusion.

d. ESX update to third party drivers  mptsas, mpt2sas, and mptspi

    The mptsas, mpt2sas, and mptspi drivers are updated which addresses
    multiple security issues in the mpt2sas driver.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2011-1494 and CVE-2011-1495 to these issues.

    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected

    ESXi           any       ESXi     not applicable

    ESX            5.0       ESX      not applicable
    ESX            4.1       ESX      patch pending
    ESX            4.0       ESX      ESX400-201110409-SG
    ESX            3.5       ESX      patch pending
    ESX            3.0.3     ESX      no patch planned

4. Solution

   Please review the patch/release notes for your product and version
   and verify the checksum of your downloaded file.

   ESXi 4.0
   --------
   ESXi400-201110001
 
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-315-20111006-920
880/ESXi400-201110001.zip
   md5sum: fd47b5e2b7ea1db79a2e0793d4c9d9d3
   sha1sum: 759d4fa6da6eb49f41def68e3bd66e80c9a7032b
   http://kb.vmware.com/kb/1036397

   ESXi400-201110001 contains ESXi400-201110401-SG
   
   ESX 4.0
   -------
   ESX400-201110001
 
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-314-20111006-398
488/ESX400-201110001.zip
   md5sum: 0ce9cc285ea5c27142c9fdf273443d78
   sha1sum: fdb5482b2bf1e9c97f2814255676e3de74512399
   http://kb.vmware.com/kb/1036391

   ESX400-201110001 contains ESX400-201110401-SG, ESX400-201110403-SG
   and ESX400-201110409-SG.


5. References

   CVE numbers
   --- COS Kernel ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1083
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2492
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2798
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2938
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2942
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2943
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3015
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3066
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3067
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3078
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3086
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3296
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3432
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3442
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3477
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3699
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3858
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3859
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3865
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3876
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3877
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3880
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3904
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4072
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4073
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4075
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4080
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4081
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4083
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4157
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4158
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4161
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4238
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4242
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4243
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4247
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4248
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4249
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4251
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4255
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4263
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4343
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4346
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4526
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4655
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0521
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0710
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1010
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1090
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1478
   --- COS krb5 ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0281
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0282
   --- glibc library ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0296
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0536
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1071
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1095
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1658
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659
   --- mtp2sas ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495


- ------------------------------------------------------------------------
6. Change log

2011-10-12  VMSA-2011-0012
Initial security advisory in conjunction with the release of patches for
ESX 4.0 and ESXi 4.0 on 2011-10-12.

- -----------------------------------------------------------------------
7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  * security-announce at lists.vmware.com
  * bugtraq at securityfocus.com
  * full-disclosure at lists.grok.org.uk

E-mail:  security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware security response policy
http://www.vmware.com/support/policies/security_response.html

General support life cycle policy
http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html

Copyright 2011 VMware Inc.  All rights reserved.


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8

wj8DBQFOlnr7DEcm8Vbi9kMRAhxzAKCod5h2RiEE5Di4RFB6G+pNlaUbyACeMkLh
Vi7veN+spsUO2+HHXdh9EMU=
=il4Z
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/