VMware Cloud Community
tianhailong666
Enthusiast
Enthusiast
‎01-10-2017 10:06 PM

Does CVE-2016-9754 affect esx and if have soluation about it ?

hello,

Recently CSV found a vulner CVE -CVE-2016-9754  as below description.  I already know it won't affect ESXi since it's based vmkernel.    but esx4.0 will affect by this vulner because it's kernel is low to 4.6.1.   

Anyone who know how to deal with it, if have soluation about esx4.0 related this issue?  thanks for your kindly reply!

The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.

CVE -CVE-2016-9754

Reply
0 Kudos
1 Reply
tianhailong666
Enthusiast
Enthusiast
‎01-15-2017 05:03 PM

Hello,

everybody who know about it ?  It seems like VMware has not action or plan yet about how to resolve this vunlerability related to ESX4.0, right?     

Reply
0 Kudos