VMware ESXi 6.5, Patch Release ESXi650-201803401-BG - Updates esx-base, esx-tboot, vsan, and vsanhealth VIBs
Article ID: 326456
Updated On:
Products
VMware
Issue/Introduction
Release date: March 20, 2018
| Patch Category | Bugfix |
| Patch Severity | Important |
| Host Reboot Required | Yes |
| Virtual Machine Migration or Shutdown Required | Yes |
| Affected Hardware | N/A |
| Affected Software | N/A |
| VIBs Included |
|
| PRs Fixed | N/A |
| Related CVE numbers | CVE-2017-5715 |
IMPORTANT: If you use a host profile based on VMware vCenter Server 6.5 Update 1e, there is a small possibility that your existing profile has captured the wrong state for the workaround discussed in KB 52345. Use the following steps to refresh the profile:
- Log in to the reference ESXi host as a root user.
- From the ESXi Shell, run the command /usr/lib/vmware/misc/bin/ucode_workarounds.py.
- Update the host profile from the reference ESXi host with the Copy Settings from Host option.
- Check Host Profile compliance and remediate all the ESXi hosts attached to the host profile.
Resolution
Summaries and Symptoms
This patch updates the esx-base, esx-tboot, vsan and vsanhealth VIBs to resolve the following issue:
- This ESXi patch provides part of the hypervisor-assisted guest mitigation of CVE-2017-5715 for guest operating systems. For important details on this mitigation, see VMware Security Advisory VMSA-2018-0004.3.
The typical way to apply patches to ESXi hosts is through the VMware vSphere Update Manager. For details, see the Installing and Administering VMware vSphere Update Manager.
ESXi hosts can be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command. Additionally, the system can be updated using the image profile and the esxcli software profile command. For details, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide.Feedback
Yes
No
Powered by
