VMware ESXi 6.7, Patch Release ESXi670-201806401-BG - Updates esx-base, vsan, and vsanhealth VIBs
search cancel

VMware ESXi 6.7, Patch Release ESXi670-201806401-BG - Updates esx-base, vsan, and vsanhealth VIBs

book

Article ID: 325177

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

Release date: June 28, 2018

Patch CategoryBugfix
Patch SeverityImportant
Host Reboot RequiredYes
Virtual Machine Migration or Shutdown RequiredYes
Affected HardwareN/A
Affected SoftwareN/A
VIBs Included
  • VMware_bootbank_vsan_6.7.0-0.14.8941472
  • VMware_bootbank_esx-base_6.7.0-0.14.8941472
  • VMware_bootbank_vsanhealth_6.7.0-.14.8941472
PRs Fixed N/A
Related CVE numbersN/A


Environment

VMware vSphere ESXi 6.7

Resolution

Summaries and Symptoms

This patch updates the esx-base, vsan and vsanhealth VIBs to resolve the following issues:

  • This ESXi patch provides part of the hypervisor-assisted guest mitigation of CVE-2018-3639 for guest operating systems. For important details on this mitigation, see VMware Security Advisory VMSA-2018-0012.1.
  • VMware ESXi contains multiple out-of-bounds read vulnerabilities in the DX11 translator. Successful exploitation of these issues might lead to information disclosure or might allow attackers with normal user privileges to crash their virtual machines. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2018-6965, CVE-2018-6966, and CVE-2018-6967 to these issues.
  • Datastores might become inaccessible after a rebootless upgrade in ESXi configurations with LSI controllers. This is because a STOP UNIT command, sent to drives during driver unload, is not matched with a START UNIT command during load. As result, the drive media might be inaccessible after a reboot.
Patch Download and Installation

The typical way to apply patches to ESXi hosts is through the VMware vSphere Update Manager. For details, see the Installing and Administering VMware vSphere Update Manager.

ESXi hosts can be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command. Additionally, the system can be updated using the image profile and the esxcli software profile command. For details, see the vSphere Command-Line Interface Concepts and Examples and the VMware ESXi Upgrade Guide.
Powered by Wolken Software