Summaries and Symptoms
This patch contains the following updates:
- This patch updates the NTP daemon to fix a security issue in the way it handled certain malformed NTP packets. The NTP daemon logs information about all such packets and replies with an NTP packet that is treated as malformed when received by another ntpd. A remote attacker can use this flaw to create an NTP packet reply-loop between two ntpd servers through a malformed packet with a spoofed source IP address and port, causing ntpd on those servers to use excessive amounts of CPU time and fill disk space with log messages. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-3563 to this issue.
- This patch updates the QLogic driver package to version 7.08-vm72.
- This patch updates the Emulex lpfc driver to version 188.8.131.52.9-vmw1. This update fixes the following issues in the Emulex driver:
  - ESXi host fails and displays a purple screen while you are adding or removing LUNs. The purple screen displays an Exception type 13 error message with Emulex driver symbols.
  - Emulex driver fails and displays a purple screen because of invalid state transitions in the driver's Discovery State Machine (DSM). These invalid transitions lead to memory double-free and use-after-free situations. This issue usually occurs when a continuous sequence of link-up and link-down events occurs on a Fibre Channel link between the Emulex HBA and the switch.
  - Emulex driver runs out of heap memory when a continuous sequence of link-up and link-down events occurs on the Fibre Channel link between the Emulex HBA and the switch. These link events occur as a result of misbehaving Fibre Channel switches. When this issue occurs, virtual machines that are stored on SAN LUNs might stop working until the ESXi host reboots.
  - Emulex driver uses the ADISC model to validate the login to a target when a link comes up after a momentary link down. After ADISC validation, the driver fails to re-register the resources, leading to a reduced payload in the Fibre Channel frame. This issue is resolved in the Emulex driver by issuing a PLOGI to the target.
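
For the NTP reply-loop issue (CVE-2009-3563) in the first item above, the following is an added detection sketch, not VMware or ntpd code. It relies on the public CVE description, which places the loop in NTP mode 7 (private) packets, and flags host pairs that exchange such packets from port 123 to port 123 in both directions at a high rate. The record layout, thresholds, function names and sample capture are assumptions constructed for illustration.

```python
from collections import defaultdict

NTP_PORT = 123
MODE_PRIVATE = 7  # NTP "private" mode used by ntpdc-style requests and replies

def ntp_mode(payload):
    """Mode is the low 3 bits of the first NTP byte; None for an empty payload."""
    return payload[0] & 0x07 if payload else None

def find_reply_loops(packets, window=1.0, threshold=20):
    """Return host pairs exchanging mode 7 packets 123<->123 in both directions,
    with at least `threshold` such packets inside `window` seconds.
    packets: iterable of (ts, src_ip, src_port, dst_ip, dst_port, payload)."""
    stamps = defaultdict(list)     # host pair -> packet timestamps
    directions = defaultdict(set)  # host pair -> set of (src, dst) seen
    for ts, src, sport, dst, dport, payload in packets:
        # Query tools send mode 7 from an ephemeral port; daemon-to-daemon
        # traffic has port 123 on both ends.
        if sport != NTP_PORT or dport != NTP_PORT:
            continue
        if ntp_mode(payload) != MODE_PRIVATE:
            continue
        pair = tuple(sorted((src, dst)))
        stamps[pair].append(ts)
        directions[pair].add((src, dst))
    flagged = []
    for pair, ts_list in stamps.items():
        ts_list.sort()
        if len(directions[pair]) == 2 and any(
            ts_list[i + threshold - 1] - ts_list[i] <= window
            for i in range(len(ts_list) - threshold + 1)
        ):
            flagged.append(pair)
    return flagged

def sample_packets():
    """Constructed capture records (documentation-range addresses)."""
    a, b = "192.0.2.10", "192.0.2.20"
    mode7 = b"\x97" + bytes(7)  # response bit set, version 2, mode 7
    pkts = [(0.01 * i, (a, b)[i % 2], 123, (b, a)[i % 2], 123, mode7) for i in range(40)]
    pkts.append((0.5, "198.51.100.5", 123, a, 123, b"\x23" + bytes(47)))   # mode 3 time request
    pkts.append((0.6, "198.51.100.7", 40000, a, 123, b"\x17" + bytes(7)))  # admin mode 7 query
    return pkts

if __name__ == "__main__":
    print(find_reply_loops(sample_packets()))
```

Ordinary time synchronization (modes 3 and 4) and administrative mode 7 queries from an ephemeral port are not flagged; only the sustained two-way exchange between the two daemons is.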
This patch also fixes the following issues:
- Removing all snapshots from a virtual machine with the Delete All option can use large amounts of disk space.
When you use the Delete All option in Snapshot Manager, the snapshot farthest from the base disk is committed to its parent, causing that parent snapshot to grow. When that commit is complete, the committed snapshot is removed and the process starts over, committing the newly updated snapshot to its own parent. This continues until every snapshot has been committed. This method can be relatively slow because data farthest from the base disk might be copied several times. More importantly, this method can aggressively use disk space if the snapshots are large, which is especially problematic if a limited amount of space is available on the datastore. The space issue is troublesome in that you might choose to delete snapshots explicitly to free up storage.
This patch resolves the issue by changing the order of snapshot consolidation to start with the snapshot closest to the base disk instead of the farthest. As a result, data is no longer copied repeatedly.
- Using VI Client, when accessing ESXi hosts directly or through VirtualCenter Server, the status of the System Board x ProcHot sensor is displayed as Unknown or Warning. In the VI Client, the System Board x ProcHot sensor status is displayed under the Configuration tab. In vCenter Server 4.0, it is displayed under the Hardware Status tab. This issue is seen on ESXi hosts running on HP AMD platforms that support the six-core AMD Opteron processors.
After applying this patch, the System Board x ProcHot sensor is not listed on ESXi hosts connected through the VI Client or the VirtualCenter Server.
- ESXi does not detect the link-status on Intel e1000 drivers.
- When you register virtual machines using a corrupted .vmxf file, the virtual machines move into an invalid state in the VI Client. An NFS outage might corrupt the .vmxf file.
- Autostart and autostop features fail on ESXi when the lockdown mode is enabled. After installing this patch, this issue does not occur if a vpxuser account is created on the ESXi host. The vpxuser account is automatically created when the host is managed by VirtualCenter.
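
The effect of the Delete All ordering change described in the first item of this list can be seen in a small model. This is an added illustration, not VMware code: it assumes a preallocated base disk (committing into it uses no new space), delta disks that share no blocks (a parent grows by the full size of the child committed to it), and that a delta is deleted only after its commit completes. The function name and sizes are hypothetical.

```python
def delete_all(deltas_gb, closest_first):
    """Simulate Delete All over a snapshot chain.

    deltas_gb: delta disk sizes, ordered from the one closest to the base
    disk to the farthest. Returns (gb_copied, peak_extra_gb), where
    peak_extra_gb is the largest growth in datastore usage during the run.
    Model assumptions: the base disk is preallocated, deltas share no blocks,
    and a delta is deleted only after its commit has finished.
    """
    chain = list(deltas_gb)
    baseline = sum(chain)              # delta space in use before Delete All
    copied = peak = 0
    while chain:
        if closest_first:
            child = chain.pop(0)       # patched order: parent is the base disk
        else:
            child = chain.pop()        # old order: farthest delta first
            if chain:
                chain[-1] += child     # parent delta grows by the child's data
        in_use = sum(chain) + child    # child still exists until commit ends
        copied += child
        peak = max(peak, in_use - baseline)
    return copied, peak


if __name__ == "__main__":
    sizes = [20, 5, 40]                # constructed example chain, in GB
    print("farthest first:", delete_all(sizes, closest_first=False))
    print("closest first: ", delete_all(sizes, closest_first=True))
```

Under these assumptions the old order copies the farthest delta once per remaining level of the chain and temporarily needs extra datastore space, while the patched order copies each delta once and needs none.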
None beyond the required patch bundles and reboot information listed in the table, above.
Patch Download and Installation
Note: All virtual machines on the ESXi host must be either shut down or migrated using vMotion before applying the patch. A reboot of the ESXi host is required after applying this patch.
The typical way to apply patches to ESXi hosts is through the vCenter Update Manager. For details, see the vCenter Update Manager Administration Guide.
ESXi hosts can also be updated by downloading the most recent "O" (offline) patch bundle from http://support.vmware.com/selfsupport/download/ and installing the bundle using VMware Infrastructure Update or by using the vihostupdate command through the Remote Command Line Interface (RCLI). For details, see the ESX Server 3i Configuration Guide and the ESX Server 3i Embedded Setup Guide (Chapter 10, Maintaining ESX Server 3i and the VI Client) or the ESX Server 3i Installable Setup Guide (Chapter 11, Maintaining ESX Server 3i and the VI Client).
Note: ESXi hosts do not reboot automatically when you patch with the offline bundle.