Search the VMware Knowledge Base (KB)
View by Article ID

VMware ESX 4.0 Patch ESX400-201310401-SG: Updates VMkernel, VMware Tools, VMX, hostd (2059490)

  • 0 Ratings


Product Version
ESX 4.0
Patch Classification
See KB 2014447 if using Update Manager 5.0
Build Information
For build information, see KB 2059495.
Host Reboot Required
Virtual Machine Migration or Shutdown Required
PRs Fixed
759138, 922942, 985367, 1005609, 1007788, 1030314, 1030320, 1037604, 1039709, 1040741, 1086890
Affected Hardware
Affected Software
VIBs Included
  • vmware-esx-apps
  • vmware-esx-cim
  • vmware-esx-drivers-vmklinux-vmklinux
  • vmware-esx-iscsi
  • vmware-esx-microcode
  • vmware-esx-perftools
  • vmware-esx-scripts
  • vmware-esx-srvrmgmt
  • vmware-esx-tools
  • vmware-esx-vmkctl
  • vmware-esx-vmkernel64
  • vmware-esx-vmnixmod
  • vmware-esx-vmx
  • vmware-hostd-esx
  • gnutls
  • kernel
  • openssl
  • Related CVE numbers
    CVE-2013-0268, CVE-2013-0871, CVE-2013-0169, CVE-2013-0166 , CVE-2013-2116


    Summaries and Symptoms

    This patch resolves the following issues:

    • Multiple processes compete against each other during vCenter Server host-sync and virtual machine cold relocate or vMotion operations. The VDS ports created on the destination hosts during cold relocate or vMotion might be removed by vCenter Server host-sync causing the virtual machine to lose network connectivity.

    • Application performance on virtual machines might be affected because of high CPU %Ready time. This issue occurs when the memory allocation statistics are not correctly paired and negative statistical values are generated. This eventually induces unnecessary NUMA migrations.

    • If you attempt to access the internet from a virtual machine connected to local network, through a NAT server configured on Windows Server 2008 R2 operating system with two VMXNET3 virtual network adapters, the internet access might not work.

    • ESX hosts might fail with a purple diagnostic screen under certain conditions when a TCP session stops unexpectedly and further TCP communication does not happen due to memory-buffer unavailability.

    • ESX hosts using Intel Xeon CPUs that support Flex Priority might fail with a purple diagnostic screen with error messages similar to the following related to incorrect Translation Lookaside Buffer (TLB) mapping:
      #PF Exception 14 in world wwww:WorldName IP 0xnnnnnn addr 0xnnn
      #PF Exception 14 in world wwww:WorldName IP 0xnnnnnn addr 0xnnn
      TimerAlloc@vmkernel#nover+0xnn stack: 0xnn
      Timer_AddTCWithLockDomain@vmkernel#nover+0xnn stack: 0xnn
      Timer_AddTC@vmkernel#nover+0xnn stack: 0xnn
      This issue has been observed with guest operating systems such as Windows XP 32-bit Edition and Windows Server 2003 pre SP2.
      This patch provides a complete workaround from purple diagnostic screens related to incorrect TLB mapping. After you apply the patch, the default value of the monitor control flag monitor_control.disable_flexpriority is changed from 0 to 1 so that flexpriority is disabled by default.

    • When you provision multiple virtual machines, some virtual machines might experience domain join failure because IP addresses cannot be assigned to them.
      Error message similar to the following might be displayed in the hostd log file during guest customization:
      \"SaveWorkingCopy: Error: (4002) Cannot read the virtual machine configuration file\" resulting in guest coming up without nic\'s enabled.

    • Attempts to delete a virtual machine folder while a virtual machine is powered on result in a message similar to Cannot delete file. [VMFS] . If you click the Delete button again without closing the datastore browser or changing the selection, and attempt to delete the same virtual machine folder, all virtual machine folders on the VMFS volume might get deleted. This issue affects VMware vSphere Client 4.0.x.

    This patch also includes an update for VMware Tools to add pre-built modules (PBMs) for Ubuntu 10.04.4.

    This patch resolves the following security issues:

    • This patch updates the ESX service console kernel to resolve two security issues. The Common Vulnerabilities and Exposures project ( has assigned the names CVE-2013-0268 and CVE-2013-0871 to these issues.

    • This patch updates the OpenSSL RPM for the ESX service console to resolve multiple security issues. The Common Vulnerabilities and Exposures project ( has assigned the names CVE-2013-0169, CVE-2013-0166 for these issues.

    • This patch updates the GnuTLS RPM for the ESX service console to gnutls-1.4.1-10.el5_9.2 to resolve a security issue. The Common Vulnerabilities and Exposures project ( has assigned the name CVE-2013-2116 for this issue.

    Deployment Considerations

    None beyond the required patch bundles and reboot information listed in the table above.

    Patch Download and Installation

    See the VMware vCenter Update Manager Administration Guide for instructions on using Update Manager to download and install patches to automatically update ESX 4.0 hosts.

    To update ESX 4.0 hosts when not using Update Manager, download the patch ZIP file from and install the bulletin using esxupdate from the command line of the host. For more information, see the ESX 4.0 Patch Management Guide.


    Request a Product Feature

    To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.


    • 0 Ratings

    Did this article help you?
    This article resolved my issue.
    This article did not resolve my issue.
    This article helped but additional information was required to resolve my issue.

    What can we do to improve this information? (4000 or fewer characters)

    Please enter the Captcha code before clicking Submit.
    • 0 Ratings