Hi Alan,
CVE,this is related to Redhat Kernel security and ESXi kernel is distinct from it.If any security related concern will be available in the VMware Security Advisories.If it is vulnerable VMware security team will dispatch the patch via KB or email subscribed in the Advisories
Link : Advisories