VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2

ID VMSA-2008-0019
Type vmware
Reporter VMware
Modified 2008-12-02T00:00:00


a. Critical Memory corruption vulnerability

A memory corruption condition may occur in the virtual machine
hardware. A malicious request sent from the guest operating
system to the virtual hardware may cause the virtual hardware to
write to uncontrolled physical memory.
VMware would like to thank Andrew Honig of the Department of
Defense for reporting this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-4917 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.