check-circle-line exclamation-circle-line close-line

VMware ESXi 6.5, Patch Release ESXi650-201811001

Release Date: November 9, 2018

Download Filename:

ESXi650-201811001.zip

Build:

10719125

Download Size:

344.8 MB

md5sum:

1f9905c119dab22ba254b4b5c0a49cbd

sha1checksum:

00a885a1faf5426c269d646e127905fddd03840f

Host Reboot Required: Yes

Virtual Machine Migration or Shutdown Required: Yes

Bulletins

Bulletin ID Category Severity
ESXi650-201811301-BG Bugfix Important

Rollup Bulletin

This rollup bulletin contains the latest VIBs with all the fixes since the initial release of ESXi 6.5.

Bulletin ID Category Severity
ESXi650-201811001 Bugfix Important

Image Profiles

VMware patch and update releases contain general and critical image profiles. Application of the general release image profile applies to new bug fixes.

Image Profile Name
ESXi-6.5.0-20181103001-standard
ESXi-6.5.0-20181103001-no-tools

For more information about the individual bulletins, see the My VMware page and the Resolved Issues section.

Resolved Issues

The resolved issues are grouped as follows.

ESXi650-201811301-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_esx-tboot_6.5.0-2.67.10719125
  • VMware_bootbank_esx-base_6.5.0-2.67.10719125
  • VMware_bootbank_vsan_6.5.0-2.67.10642690 
  • VMware_bootbank_vsanhealth_6.5.0-2.67.10642691
PRs Fixed  N/A 
Related CVE numbers CVE-2018-6981, CVE-2018-6982

This patch updates esx-base, vsan, esx-tboot and vsanhealth VIBs to resolve the following issue:

  • ESXi has uninitialized stack memory usage vulnerability in the vmxnet3 virtual network adapter that might allow a guest to execute code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2018-6981 and CVE-2018-6982 to this issue. 
    ​For more details, see VMware Security Advisory VMSA-2018-0027.

ESXi-6.5.0-20181103001-standard
Profile Name ESXi-6.5.0-20181103001-standard
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date November 9, 2018
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-tboot_6.5.0-2.67.10719125
  • VMware_bootbank_esx-base_6.5.0-2.67.10719125
  • VMware_bootbank_vsan_6.5.0-2.67.10642690 
  • VMware_bootbank_vsanhealth_6.5.0-2.67.10642691
PRs Fixed N/A
Related CVE numbers CVE-2018-6981, CVE-2018-6982

This patch updates the following issue:

  • ESXi has uninitialized stack memory usage vulnerability in the vmxnet3 virtual network adapter that might allow a guest to execute code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2018-6981 and CVE-2018-6982 to this issue. 
    ​For more details, see VMware Security Advisory VMSA-2018-0027.

ESXi-6.5.0-20181103001-no-tools
Profile Name ESXi-6.5.0-20181103001-no-tools
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date November 9, 2018
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-tboot_6.5.0-2.67.10719125
  • VMware_bootbank_esx-base_6.5.0-2.67.10719125
  • VMware_bootbank_vsan_6.5.0-2.67.10642690 
  • VMware_bootbank_vsanhealth_6.5.0-2.67.10642691
PRs Fixed N/A
Related CVE numbers CVE-2018-6981, CVE-2018-6982

This patch updates the following issue:

  • ESXi has uninitialized stack memory usage vulnerability in the vmxnet3 virtual network adapter that might allow a guest to execute code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2018-6981 and CVE-2018-6982 to this issue. 
    ​For more details, see VMware Security Advisory VMSA-2018-0027.