Knowledge Base

Summaries and Symptoms

This patch fixes the following issues:

• Fixes an issue where the NTPD daemon might have a stack-based buffer overflow if it is configured to use the autokey security model. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue.
• A stack-based buffer overflow in ISC dhclient might allow remote DHCP servers to execute arbitrary code by using a crafted subnet-mask option. The Common Vulneras and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0692 to this issue.
• ESXi might stop responding when NFS volume goes offline. When a mounted NFS volume goes offline in an ESXi cluster, it might cause the heap size to grow and might cause the ESXi to stop responding.
• Setting VMkernel:Boot.storageHeapMaxSize to a value of 2147483647 or higher can cause a non-responsive server. If you use the Advanced Settings dialog box on the vSphere Client Configuration tab to set the VMkernel:Boot.storageHeapMaxSize option to a value of 2147483647 or higher, the ESXi host will fail with a purple screen after you reboot it. This issue is resolved in this release.
• The fix for a previously identified VMotion failure might prevent the migration (of virtual machines with video ram greater than 30MB only) to a host without the fix. ESXi 4.0 Update 1 fixes the VMotion failure as described in KB 1011971. However, using VMotion to migrate a virtual machine with video ram of greater than 30MB to an ESXi 4.0 Update 1 host might prevent you from migrating back to a host that does not have this fix.
• Enabling HA fails when ESXi host does not have DNS connectivity. If the ESXi host does not have DNS connectivity, when you enable or configure VMware HA, and the host short name is not populated in the /etc/hosts file, enabling or configuring HA might fail. This issue is resolved in this release.
• ESXi 4.0 server sometimes becomes unresponsive when host memory is heavily over-committed. ESXi 4.0 server sometimes becomes unresponsive when the host memory is over-committed where the usage is more than 200%, and the server is configured as a Long Uptime Server. All virtual machines fail when the server is not responding to any actions. This issue is resolved in this release.
• vCenter issues an error when the Power.CpuPolicy configuration option is changed to dynamic. While changing the Power.CpuPolicy option from static to dynamic, vCenter issues the following error message:
  The value entered is not valid. Enter another value
  This error appears because ESXi 4.0 attempts to change the system's CPU power management policy to dynamic even when the BIOS does not properly support processor performance states (P-states). This issue is resolved in this release.
• Upgrading ESX Server 3i 3.5 to ESXi 4.0 fails in specific cases. This issue only occurs with installations on serial attached SCSI (SAS) disks or fibre channel (FC) disks. In such cases, when you attempt to upgrade ESX Server 3i 3.5 installed on SAS or FC disk, the following error occurs during the upgrade:
  Unsupported boot disk. The boot device layout on the host will not support the upgrade
  Note that this issue is one of a variety that can cause the preceding error to appear. This issue is resolved in this release.However, be aware that an in-place upgrade of ESXi Installable is not possible on a boot LUN which also contains a VMFS partition.
• A series of vmklinux heap allocation warnings are followed by an ESXi system failure. This issue is caused by an erroneous response to a legitimate overcommitment of memory. When memory runs low from heavy swapping or VMotion use, a vmklinux limitation might be encountered. Specifically, the problem is triggered by a shortage of memory located below address 4GB. In such a situation, a series of log messages warn of a failure to allocate memory for the vmklinux heap. ESXi then becomes unavailable, logging exception 14 in a helper world. The following log excerpt is indicative of the messages logged:
  [1:01:35:02.450 cpu7:4480)WARNING: Heap: 1471: Could not allocate 2093688 bytes for dynamic heap vmklinux. Request returned Out of memory
  [1:01:35:02.450 cpu7:4480)WARNING: Heap: 1645: Heap_Align(vmklinux, 1024/1024 bytes, 8 align) failed. caller: 0x4180303746b7
  [1:01:35:02.450 cpu7:4480)WARNING: Heap: 1471: Could not allocate 2093688 bytes for dynamic heap vmklinux. Request returned Out of memory
  [1:01:35:02.450 cpu7:4480)WARNING: Heap: 1645: Heap_Align(vmklinux, 1024/1024 bytes, 8 align) failed. caller: 0x4180303746b7
  [VMware ESX [Releasebuild-164009 X86_64]
  #PF Exception(14) in world 4480:helper18-7 ip 0x41803037480c addr 0x0
  While this issue might in theory occur on ESXi, all observations have been with ESX installations. ESX has a higher vulnerability due to the use of low memory by the service console. This issue is resolved in this release.
• Updates the description of Broadcom NetXtreme BCM5722 network adapter in vCenter for some Dell servers. The description in vCenter for Broadcom NetXtreme BCM5722 network adapter on some Dell servers which contained a few unnecessary words are removed and updated to NetXtreme BCM5722 Gigabit Ethernet. The description is updated for Dell PowerEdge T105, R300 and T300 servers.
  
  For a complete list of the issues fixed in ESXi 4.0 Update 1, see the ESXi 4.0 Update 1 Release Notes.

Deployment Considerations

None beyond the required patch bundles and reboot information listed in the table above.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is through the VMware Update Manager. For details, see the VMware vCenter Update Manager Administration Guide.

ESXi hosts can also be updated using vSphere Host Update Utility or by manually downloading the patch zip file from http://support.vmware.com/selfsupport/download/ and installing the bulletin by using the vihostupdate command through the vSphere CLI. For details, see the vSphere CLI Installation and Reference Guide and the vSphere Upgrade Guide.