check-circle-line exclamation-circle-line close-line

Release Date: DEC 19, 2019

Build Details

Download Filename: ESXi650-201912002.zip
Build: 15256549
Download Size: 482.4 MB
md5sum: b3d3d2c6c92648dc3d13b03aecda1faf
sha1checksum: fffdf762801e389046242b7b8a42e5d8adacb10e
Host Reboot Required: Yes
Virtual Machine Migration or Shutdown Required: Yes

Bulletins

Bulletin ID Category Severity
ESXi650-201912401-BG Bugfix Critical
ESXi650-201912402-BG Bugfix Important
ESXi650-201912403-BG Bugfix Important
ESXi650-201912404-BG Bugfix Important
ESXi650-201912101-SG Security Important
ESXi650-201912102-SG Security Important
ESXi650-201912103-SG Security Important
ESXi650-201912104-SG Security Important

Rollup Bulletin

This rollup bulletin contains the latest VIBs with all the fixes since the initial release of ESXi 6.5.

Bulletin ID Category Severity
ESXi650-201912002 Bugfix Critical

Image Profiles

VMware patch and update releases contain general and critical image profiles. Application of the general release image profile applies to new bug fixes.

Image Profile Name
EESXi-6.5.0-20191204001-standard
ESXi-6.5.0-20191204001-no-tools
ESXi-6.5.0-20191201001s-standard
ESXi-6.5.0-20191201001s-no-tools

For more information about the individual bulletins, see the Download Patches page and the Resolved Issues section.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is by using the VMware vSphere Update Manager. For details, see About Installing and Administering VMware vSphere Update Manager.

ESXi hosts can be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command. Additionally, the system can be updated by using the image profile and the esxcli software profile command.

For more information, see vSphere Command-Line Interface Concepts and Examples and vSphere Upgrade Guide.

Resolved Issues

The resolved issues are grouped as follows.

ESXi650-201912401-BG
Patch Category Bugfix
Patch Severity Critical
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_vsanhealth_6.5.0-3.120.15081994
  • VMware_bootbank_vsan_6.5.0-3.120.15087173
  • VMware_bootbank_esx-tboot_6.5.0-3.120.15256549
  • VMware_bootbank_esx-base_6.5.0-3.120.15256549
PRs Fixed  2360407, 2403863, 2368281, 2399214, 2399723, 2337888, 2379543, 2389006, 2370145, 2410508, 2394253, 2425066, 2389128, 2444667, 2448025, 2437368, 2271176, 2423302, 2405783, 2393379, 2412737, 2357384, 2381549, 2443938, 2445628, 2170024, 2334089, 2343912, 2372211, 2388141, 2409981, 2412640, 2406038, 2367194, 2430956, 2367003, 2397504, 2432248, 2404787, 2407598, 2453909, 2430178, 2423695, 2359950, 2334733, 2449875, 2436649, 2349289, 2385716, 2340751, 2386848, 2439250, 2423391
Related CVE numbers N/A

This patch updates the esx-base, esx-tboot, vsan, and vsanhealth VIBs to resolve the following issues:

  • PR 2360407: When some applications that use 3D software acceleration run on a virtual machine, the virtual machine might stop responding

    If a virtual machine runs applications that use particular 3D state and shaders, and if software 3D acceleration is enabled, the virtual machine might stop responding.

    This issue is resolved in this release.

  • PR 2403863: Manually triggering a non-maskable interrupt (NMI) might not work оn an ESXi host with an AMD EPYC 7002 series processor

    Requesting an NMI from the hardware management console (BMC) or by pressing a physical NMI button must cause ESXi hosts to fail with a purple diagnostic screen and dump core. Instead, nothing happens and the ESXi host continues running.

    This issue is resolved in this release.

  • PR 2368281: An API call to configure the number of queues and worlds of a driver might cause an ESXi host to fail with a purple diagnostic screen

    You can use the SCSIBindCompletionWorlds() method to set the number of queues and worlds of a driver. However, if you set the numQueues parameter to a value more than 1 and the numWorlds parameter to a value that is equal or less than 1, the API call might return without releasing the lock held. This results in a deadlock and the ESXi host might fail with a purple diagnostic screen.

    This issue is resolved in this release.

  • PR 2399214: In a vCenter Server system using AMD EPYC 7002 series processors, a virtual machine that has a PCI passthrough device might fail to power on

    In a vCenter Server system using AMD EPYC 7002 series processors, a virtual machine that has a PCI passthrough device might fail to power on. In the vmkernel.log, you see messages similar to:
    4512 2019-08-06T06:09:55.058Z cpu24:1001397137)AMDIOMMU: 611: IOMMU 0000:20:00.2: Failed to allocate IRTE for IOAPIC ID 243 vector 0x3f
    4513 2019-08-06T06:09:55.058Z cpu24:1001397137)WARNING: IOAPIC: 1238: IOAPIC Id 243: Failed to allocate IRTE for vector 0x3f

    In the AMD IOMMU interrupt remapper, IOAPIC interrupts the use of an IRTE index equal to the vector number. In certain cases, a non-IOAPIC interrupt might take the index that an IOAPIC interrupt needs.

    This issue is resolved in this release.

  • PR 2399723: When a virtual machine client needs an extra memory reservation, ESXi hosts might fail with a purple diagnostic screen

    When a virtual machine client needs an extra memory reservation, if the ESXi host has no available memory, the host might fail with a purple diagnostic screen. You see a similar backtrace:
    @BlueScreen: #PF Exception 14 in world 57691007:vmm0:LGS-000 IP 0x41802601d987 addr 0x88
    PTEs:0x2b12a6c027;0x21f0480027;0xbfffffffff001;
    0x43935bf9bd48:[0x41802601d987]MemSchedReapSuperflousOverheadInt@vmkernel#nover+0x1b stack: 0x0
    0x43935bf9bd98:[0x41802601daad]MemSchedReapSuperflousOverhead@vmkernel#nover+0x31 stack: 0x4306a812
    0x43935bf9bdc8:[0x41802601dde4]MemSchedGroupAllocAllowed@vmkernel#nover+0x300 stack: 0x4300914eb120
    0x43935bf9be08:[0x41802601e46e]MemSchedGroupSetAllocInt@vmkernel#nover+0x52 stack: 0x17f7c
    0x43935bf9be58:[0x418026020a72]MemSchedManagedKernelGroupSetAllocInt@vmkernel#nover+0xae stack: 0x1
    0x43935bf9beb8:[0x418026025e11]MemSched_ManagedKernelGroupSetAlloc@vmkernel#nover+0x7d stack: 0x1bf
    0x43935bf9bee8:[0x41802602649b]MemSched_ManagedKernelGroupIncAllocMin@vmkernel#nover+0x3f stack: 0x
    0x43935bf9bf28:[0x418025ef2eed]VmAnonUpdateReservedOvhd@vmkernel#nover+0x189 stack: 0x114cea4e1c
    0x43935bf9bfb8:[0x418025eabc29]VMMVMKCall_Call@vmkernel#nover+0x139 stack: 0x418025eab778

    This issue is resolved in this release.

  • PR 2337888: If you do not configure a default route in an ESXi host, the SNMP‎ traps are sent with a payload in which the ESXi SNMP agent IP address sequence is in reverse order

    If you do not configure a default route in an ESXi host, the IP address of the ESXi SNMP‎ agent might be in reverse order in the payload of the sent SNMP‎ traps. For example, if the SNMP agent is with an IP address 172.16.0.10, in the payload the IP address is 10.0.16.172. As a result, the SNMP‎ traps reach the target with an incorrect IP address of the ESXi SNMP agent in the payload.

    This issue is resolved in this release.

  • PR 2379543: You see MULTIPROCESSOR CONFIGURATION NOT SUPPORTED error message on a blue screen on Windows virtual machines while migrating to ESXi 6.5

    Windows virtual machines might fail while migrating to ESXi 6.5 after a reboot initiated by the guest OS. You see MULTIPROCESSOR CONFIGURATION NOT SUPPORTED error message on a blue screen. The fix prevents the x2APIC ID field of the guest CPUID to be modified during the migration.

    This issue is resolved in this release.

  • PR 2389006: Adding an ESXi host to an Active Directory domain by using a vSphere Authentication Proxy might fail intermittently

    Adding an ESXi host to an AD domain by using a vSphere Authentication Proxy might fail intermittently with error code 41737, which corresponds to error message LW_ERROR_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, when a host is temporarily unable to find its created machine account in the AD environment. This fix adds a retry logic for adding ESXi hosts to AD domains by using the Authentication Proxy.

    This issue is resolved in this release.

  • PR 2370145: Virtual machines failing with Unrecoverable Memory Allocation Failure error

    When 3D software acceleration is enabled, the virtual machine executable (VMX) process might fail if the software renderer uses more memory than is reserved for it. You see an error Unrecoverable Memory Allocation Failure. Windows 10 OS virtual machines are prone to this issue.

    This issue is resolved in this release.

  • PR 2410508: An ESXi host might fail with a purple diagnostic screen during shutdown if both MLDv1 and MLDv2 devices are present in the network

    An ESXi host might fail with a purple diagnostic screen during shutdown due to very rare race condition when the host is trying to access a memory region in the exact time between it is freed and allocated to another task. This issue occurs when both MLDv1 and MLDv2 devices are present in the network and global IPv6 addresses are disabled. The issue was fixed in ESXi650-201811002. However, the fix revealed another issue during ESXi hosts shutdown, that resulted in a NULL pointer dereference while IPv6 was disabled.

    This issue is resolved in this release.

  • PR 2394253: You cannot set virtual machines to power cycle when the guest OS reboots

    After a microcode update, sometimes it is necessary to reenumerate the CPUID for the virtual machines on an ESXi server. By using the configuration parameter vmx.reboot.powerCycle = TRUE you can schedule virtual machines for power cycle when necessary.

    This issue is resolved in this release.

  • PR 2425066: If you disable checksums for vSphere Replication, an ESXi host might fail with a purple diagnostic screen

    Sometimes, if you disable checksums for vSphere Replication by setting the parameter HBR.ChecksumUseChecksumInfo = 0 in the ESXi Advanced settings, the ESXi host might fail with a purple diagnostic screen.

    This issue is resolved in this release.

  • PR 2389128: You see an unexpected failover or a blue diagnostic screen when both vSphere Fault Tolerance (vSphere FT) and a graphics address remapping table (GART) are enabled in a guest OS

    You might see an unexpected failover or a blue diagnostic screen when both vSphere FT and a GART are enabled in a guest OS due to a race condition. vSphere FT scans the guest page table to find the dirty pages and generate a bitmap. To avoid a conflict, each vCPU scans a separate range of pages. However, if a GART is also enabled, it might map a guest physical page number (PPN) to an already mapped region. Also, multiple PPNs might be mapped to the same BusMem page number (BPN). This causes two vCPUs to write on the same QWORD in the bitmap when they are processing two PPNs in different regions.

    This issue is resolved in this release. To avoid a race condition, the fix forces the use of atomic operations for bitmap write operations and enables physmem support for GART.

  • PR 2444667: If you configure a small limit for the vmx.log.rotateSize parameter, the VMX process might fail while powering on or during vSphere vMotion

    If you configure a small limit for the vmx.log.rotateSize parameter, the VMX process might fail while powering on or during vSphere vMotion. The chances that these issues occur increases if you use a value of less than 100 KB for the vmx.log.rotateSize parameter.

    This issue is resolved in this release.

  • PR 2448025: PCI Express (PCIe) Advanced Error Reporting (AER) register settings might be missing or are not correct for hot added PCIe devices

    When you hot add a device under a PCI hot plug slot that has only PCIe _HPX record settings, some PCIe registers in the hot added device might not be properly set. This results in missing or incorrect PCIe AER register settings. For example, AER driver control or AER mask register might not be initialized.

    This issue is resolved in this release.

  • PR 2437368: Host Profile remediation might end with deleting a virtual network adapter from the VMware vSphere Distributed Switch

    If you extract a host profile from an ESXi host with disabled IPv6 support, and the IPv4 default gateway is overridden while remediating that host profile, you might see a message that a virtual network adapter, such as DSwitch0, is to be created on the vSphere Distributed Switch (VDS). However, the adapter is actually removed from the VDS. This is due to a "::" value of the ipV6DefaultGateway parameter.

    This issue is resolved in this release.

  • PR 2271176: ESXi hosts might fail with a purple diagnostic screen during power off or deletion of multiple virtual machines on a vSphere Virtual Volumes datastore

    ESXi hosts might fail with a purple diagnostic screen during power off or deletion of multiple virtual machines on a vSphere Virtual Volumes datastore. You see a message indicating a PF Exception 14 on the screen. This issue might affect multiple hosts.

    This issue is resolved in this release.

  • PR 2423302: After you revert a virtual machine to a snapshot, change block tracking (CBT) data might be corrupted

    When reverting a virtual machine on which CBT is enabled to a snapshot which is not a memory snapshot, and if you use the QueryChangedDiskAreas() API call, you might see an InvalidArgument error.

    This issue is resolved in this release. With ESXi650-201912002, the output of the QuerychangedDiskAreas () call changes to FileFault and adds the message Change tracking is not active on the disk <disk_path> to provide more details on the issue.
    With the fix, you must power on or reconfigure the virtual machine to enable CBT after reverting it to a snapshot and then take a snapshot to make a full backup.
    To reconfigure the virtual machine:

    1. In the Managed Object Browser graphical interface, run ReconfigVM_Task by using an URL such as 
      https://vc or host ip/mob/?moid=the virtual machine Managed Object ID&method=reconfigure.
    2. In the <spec> tag, add <ChangeTrackingEnabled>true</ChangeTrackingEnabled>.
    3. Click Invoke Method.
  • PR 2405783: You see random health check alerts for ESXi hosts with connectivity issues

    ESXi host queries by using API sometimes experience slow response, leading to improper health check warnings about the host connectivity.

    This issue is resolved in this release.

  • PR 2393379:  Warnings for vSAN: Basic (unicast) connectivity check in large cluster

    For large clusters with 33 or more ESXi hosts, the vSAN: Basic (unicast) connectivity check might report warnings due to the large number of hosts to ping.

    This issue is resolved in this release.

  • PR 2412737: If cluster takeover does not complete, virtual machines on a vSAN stretched cluster might stop responding

    In a vSAN stretched cluster, a cluster master host is elected from the preferred fault domain and if no hosts are available, the cluster master is elected from the secondary fault domain. However, if a node from the preferred fault domain joins the cluster, then that host is elected as master by using a process called cluster takeover, which might get the cluster into a bad state. If, for some reason, the cluster takeover does not complete, the virtual machines on this cluster stop responding.

    This issue is resolved in this release. For the fix to take effect, all hosts in a vSAN stretched cluster must be upgraded to this patch.

  • PR 2357384: The vSAN health service fails to start after patching a vCenter Server Appliance that has a custom HTTP port

    After patching a vCenter Server Appliance to 6.5 Update 2 or later, the vSAN health service might fail to start. This problem might occur because the following file does not correctly update custom port assignments for HTTP and HTTPS: /etc/vmware-vsan-health/config.conf.

    This issue is resolved in this release.

  • PR 2381549: A vSAN VASA provider might go offline, causing the VASA vendor provider updates to fail

    The vsanvpd process on an ESXi host might stop after running QRadar Vulnerability Manager to scan ESXi hosts. This problem occurs when communication to the vsanvpd does not follow the expected protocol. The vsanvpd process denies the connection and exits. The result is that registration or unregistration of the VASA vendor provider information fails.

    This issue is resolved in this release.

  • PR 2443938: The SNMP service might fail if many IPv6 addresses are assigned by using SLAAC

    If IPv6 is enabled on an ESXi host and many IPv6 addresses are assigned by using SLAAC, the SNMP service might fail. An error in the logic for looping IPv6 addresses causes the issue. As a result, you cannot monitor ESXi hosts status.

    This issue is resolved in this release.

  • PR 2445628: Virtual machines with PCI passthrough devices fail to power on after a reset or reboot

    Stale parameters might cause incorrect handling of interrupt information from passthrough devices during a reset or reboot. As a result, virtual machines with PCI passthrough devices might fail to power on after a reset or reboot.

    This issue is resolved in this release.

  • PR 2170024: The small footprint CIM broker (SFCB) core dumps due to memory reallocation failure

    SFCB might fail and core dump due to a memory reallocation failure. You see error messages similar to: sfcb-vmware_raw[68518]: tool_mm_realloc_or_die: memory re-allocation failed(orig=1600000 new=3200000 msg=Cannot allocate memory, aborting.

    This issue is resolved in this release.

  • PR 2334089: The hostd service becomes unresponsive and the core dumps

    During a save operation to a distributed portgroup, the hostd service might become temporarily unresponsive due to an internal error. You see a hostd-worker-zdump file in the /var/core/ directory.

    This issue is resolved in this release.

  • PR 2343912: You must manually add the claim rules to an ESXi host

    You must manually add the claim rules to an ESXi host for Tegile Storage Arrays to set the I/O Operations Per Second to 1.

    This issue is resolved in this release. The fix sets Storage Array Type Plug-in (SATP) in ESXi hosts version 6.5.x for Tegile Storage Arrays to:
    esxcli storage nmp satp rule add -s VMW_SATP_ALUA -V TEGILE -M "INTELLIFLASH" -c tpgs_on --psp="VMW_PSP_RR" -O "iops=1" -e "Tegile arrays with ALUA support"
    esxcli storage nmp satp rule add -s VMW_SATP_DEFAULT_AA -V TEGILE -M "INTELLIFLASH" -c tpgs_off --psp="VMW_PSP_RR" -O "iops=1" -e "Tegile arrays without ALUA support"'''

  • PR 2372211: If the allocated memory for a large number of virtual distributed switch ports exceeds the heap limit, the hostd service might fail

    Sometimes, the allocated memory for a large number of virtual distributed switch ports exceeds the dvsLargeHeap parameter. This might cause the hostd service or running commands to fail.

    This issue is fixed in this release. You can use the following configuration setting: esxcfg-advcfg -s X /Net/DVSLargeHeapMBPERGB to align the dvsLargeHeap parameter with the system physical memory. Here, X is an integer value from 1 to 20 that defines the heap limit relative to the physical memory of an ESXi host. For example, if X is 5 and the physical memory is 40 GB, the heap limit is set to 200 MB.
    To use this setting, you must reboot the ESXi host.

  • PR 2388141: A vSAN permission granted at the root level in vCenter Server might impact other vSphere datastores

    Administrators must have the following permission to create a vSAN datastore: +Host.Config.Storage.
    This permission also enables the administrator to unmount any datastores that reside in vCenter Server.

    This issue is resolved in this release.

  • PR 2409981: Content-Based Read Cache (CBRC) digest recompute operations might take long for the Horizon linked clone desktops

    When Horizon linked clone desktops are refreshed or recomposed, a recompute operation follows and it might take long. The delay in the recompute operation might cause a misconfiguration of the desktop digest files. This results in all the recompute I/O ending up in the replica disk. I/O congestion in the replica causes longer digest recompute times.

    This issue is resolved in this release.

  • PR 2412640: If you remove and add a SR-IOV network adapter during the same reconfigure operation, the adapter displays as an unknown PCIe device

    In some cases, when you remove and add a SR-IOV network adapter during the same reconfigure operation, the spec is generated in such a way that the properties of the new adapter are overwritten, and it displays as an unknown PCIe device.

    This issue is resolved in this release.

  • PR 2406038: Provisioning of instant clone pools by using VMware Horizon View sometimes fails with the error message Module 'CheckpointLate' power on failed

    Due to a rare race condition, the provisioning of virtual machines by using View might fail with an error Module 'CheckpointLate' power on failed.

    This issue is resolved in this release.

  • PR 2367194: When updating a host profile from a reference host, per-host based kernel parameters and the Challenge-Handshake Authentication Protocol (CHAP) secrets are lost

    When updating a host profile from a reference host, since the default policy option for kernel module parameters is a fixed value, all per-host kernel parameters also become fixed values and cannot be re-used. Also, CHAP secrets cannot be extracted from the host and are effectively lost.

    This issue is resolved in this release. To avoid re-entering the per-host based kernel module parameters and CHAP secrets on each update of an ESXi host settings, ESXi650-201912002 adds a new feature to preserve this data.

  • PR 2430956: Virtual machines might fail during a passthrough of an iLOK USB key device

    Virtual machines might fail with a VMX panic error message during a passthrough of an iLOK USB key device. You see an error similar to PANIC: Unexpected signal: 11 in the virtual machine log file, vmware.log.

    This issue is resolved in this release.

  • PR 2367003: You must manually add the claim rules to an ESXi host for Dell EMC Trident Storage Arrays

    You must manually add the claim rules to an ESXi host for Dell EMC Trident Storage Arrays to set the I/O Operations Per Second to 1.

    This issue is resolved in this release. This fix sets Storage Array Type Plugin (SATP) to VMW_SATP_ALUA, Path Selection Policy (PSP) to VMW_PSP_RR, and Claim Options to tpgs_on as default for Trident Storage Arrays.

  • PR 2397504: Notifications for Permanent Device Loss (PDL) events might cause ESXi hosts to fail with a purple diagnostic screen

    In ESXi 6.5, notifications for a PDL exit are no longer supported, but the Pluggable Storage Architecture (PSA) might still send notifications to the VMFS layer for such events. This might cause ESXi hosts to fail with a purple diagnostic screen.

    This issue is resolved in this release.

  • PR 2432248: The small footprint CIM broker (SFCB) fails while fetching the class information of third-party provider classes

    SFCB fails due to a segmentation fault while querying with the getClass command third-party provider classes such as OSLS_InstCreation, OSLS_InstDeletion and OSLS_InstModification under the root/emc/host namespace.

    This issue is resolved in this release.

  • Update to OpenSSL

    The OpenSSL package is updated to version openssl-1.0.2t.

  • PR 2407598: You cannot use a virtual function (VF) spawned on a bus different than the parent physical function (PF)

    If a parent PF is at SBDF, such as C1:00.0, and spawns VFs starting at, for example, C2:00.0, you cannot use that VF.

    This issue is resolved in this release.

  • PR 2453909: Log spam in the syslog.log starts as soon as the CIM Agent is enabled

    As soon as the CIM Agent is enabled, you might start receiving multiple logs per minute in the syslog.log of ESXi hosts.
    Logs are similar to:
    2019-09-16T12:59:55Z sfcb-vmware_base[2100102]: VMwareHypervisorStorageExtent::fillVMwareHypervisorStorageExtentInstance - durable name length is too large: 256

    This issue is resolved in this release.

  • PR 2430178: An ESXi host with 3D virtual machines might fail with a blue screen error due to xmap allocation failure

    During operations, such as migrating 3D virtual machines by using vSphere vMotion, the memory allocation process might return a NULL value. As a result, the VMkernel components might not get access to the memory and cause failure of the ESXi host.

    This issue is resolved in this release.

  • PR 2423695: Running the esxcfg-info command returns an output with errors hidden in it

    When running the esxcfg-info command, you might see output with similar errors hidden in it:
    ResourceGroup: Skipping CPU times for: Vcpu Id 3295688 Times due to error: max # of processors: 4 < 3295688
    ResourceGroup: Skipping VCPU stats for: Vcpu Id 3295688 Times due to error: max # of processors: 4 < 3295688

    This issue is resolved in this release.

  • PR 2359950: A CTK file might be unexpectedly removed after backing up independent nonpersistent VMDK files by using HotAdd Transport Mode

    If you hot remove the disk from the proxy virtual machine, the CTK file of an independent nonpersistent VMDK file might be deleted. The issue occurs regardless if the proxy virtual machine has CBT enabled or not. If you delete the last snapshot after a backup, the CTK file is restored and the issue does not affect backup workflows.

    This issue is resolved in this release.

  • PR 2334733: An ESXi host might fail with a purple diagnostic screen and an error similar to: PF Exception 14 in world XXX:Unmap Helper IP XXX

    If unmapped data structures are accessed while a connection to a VMFS volume closes, an ESXi host might fail with a purple diagnostic screen. You see an error similar to PF Exception 14 in world XXX:Unmap Helper IP XXX in the backtrace.

    This issue is resolved in this release.

  • PR 2449875: Connection failure to vCenter Server might cause a vSAN cluster partition

    When an ESXi host in a vSAN cluster loses connection to a vCenter Server system, the host cannot retrieve the latest vSAN vmodl version, and defaults to a standard vim. This might cause the ESXi host to clear its list of unicast addresses, and lead to a cluster partition.

    This issue is resolved in this release.

  • PR 2436649: You might not see software-based iSCSI adapters in the vSphere Client or the vSphere Web Client

    Due to a memory leak in the iSCSI module, software-based iSCSI adapters might not display in the vSphere Client or the vSphere Web Client during the target discovery process.

    This issue is resolved in this release.

  • PR 2349289: ESXi hosts might fail during cluster rejoin

    During a cluster rejoin event, an ESXi host running ESXi650-201811002 might fail with a purple diagnostic screen. The failure happens when the CMMDS module improperly attempts to free the host CMMDS utility.

    This issue is resolved in this release.

  • PR 2385716: Virtual machines with Changed Block Tracking (CBT) enabled might report long waiting times during snapshot creation

    Virtual machines with CBT enabled might report long waiting times during snapshot creation due to the 8 KB buffer used for CBT file copying. With this fix, the buffer size is increased to 1 MB to overcome multiple reads and writes of a large CBT file copy, and reduce waiting time.

    This issue is resolved in this release.

  • PR 2340751: HPE servers with firmware version 1.30 might trigger hardware status warnings for I/O module sensors

    HPE servers with firmware version 1.30 might report the status of I/O module sensors as warnings. You might see similar messages:
    [Device] I/O Module n ALOM_Link_Pn or [Device] I/O module n NIC_Link_Pn.

    This issue is resolved in this release. For more information, see VMware knowledge base article 53134.

  • PR 2386848: An ESXi host might lose connectivity due to network issues caused by a race condition in the transmission queues

    A race condition causes transmission queues of physical NICs to become inactive whenever a virtual switch uplink port is disconnected from one virtual switch or distributed virtual switch and connected to another virtual switch or distributed virtual switch. As a result, network connectivity between virtual machines might fail.

    This issue is resolved in this release.

  • PR 2439250: VMFS6 volumes greater than 1 PB might cause ESXi hosts to fail with a purple diagnostic screen

    By default, the configuration limit for the memory pool of VMFS6 volumes on an ESXi host is 1 PB, but you can extend the pool to support up to 4 PB. However, a total datastore size greater than 1 PB might cause an ESXi host to fail with a purple diagnostic screen due to a memory outage. This fix allows changes in the configuration for up to 16 PB. You must set a limit for the LFBCSlabSizeMaxMB setting, scaling it to the total size of all datastores on an ESXi host. The default is 8, which covers a total capacity of 1PB, but you can increase the limit to up to 128, or 16 PB. You must reboot the ESXi host to enable the change.

    This issue is resolved in this release.

  • PR 2423391: Under rare conditions an ESXi host might fail with a purple diagnostic screen when collecting CPU performance counters for a virtual machine

    Due to a race between the power off operation of a virtual machine and a running query to collect CPU performance counters, a vCenter Server system might dereference a NULL pointer. This might result into ESXi hosts failing with a purple diagnostic screen.

    This issue is resolved in this release.

ESXi650-201912402-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required No
Virtual Machine Migration or Shutdown Required No
Affected Hardware N/A
Affected Software N/A
VIBs Included VMware_bootbank_esx-xserver_6.5.0-3.120.15256549
PRs Fixed  2364560
Related CVE numbers N/A

This patch updates the esx-xserver VIB to resolve the following issue:

  • PR 2364560: Xorg might fail to start on systems with multiple GPUs

    More than one Xorg scripts might run in parallel and interfere with each other. As a result, the Xorg script might fail to start on systems with multiple GPUs.

    This issue is resolved in this release. The fix ensures that a single Xorg script runs during start operations.

ESXi650-201912403-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included VMW_bootbank_vmkusb_0.1-1vmw.650.3.120.15256549
PRs Fixed  N/A
Related CVE numbers N/A

This patch updates the vmkusb VIB.

    ESXi650-201912404-BG
    Patch Category Bugfix
    Patch Severity Important
    Host Reboot Required Yes
    Virtual Machine Migration or Shutdown Required Yes
    Affected Hardware N/A
    Affected Software N/A
    VIBs Included VMware_bootbank_native-misc-drivers_6.5.0-3.120.15256549
    PRs Fixed  N/A
    Related CVE numbers N/A

    This patch updates the native-misc-drivers VIB.

      ESXi650-201912101-SG
      Patch Category Security
      Patch Severity

      Important

      Host Reboot Required Yes
      Virtual Machine Migration or Shutdown Required Yes
      Affected Hardware N/A
      Affected Software N/A
      VIBs Included
      • VMware_bootbank_esx-base_6.5.0-3.116.15256468
      • VMware_bootbank_esx-tboot_6.5.0-3.116.15256468
      • VMware_bootbank_vsanhealth_6.5.0-3.116.15081927
      • VMware_bootbank_vsan_6.5.0-3.116.15081926
      PRs Fixed  N/A
      CVE numbers N/A

      This patch updates esx-base, esx-tboot, vsan, and vsanhealth VIBs.

        ESXi650-201912102-SG
        Patch Category Security
        Patch Severity

        Important

        Host Reboot Required Yes
        Virtual Machine Migration or Shutdown Required Yes
        Affected Hardware N/A
        Affected Software N/A
        VIBs Included VMware_bootbank_cpu-microcode_6.5.0-3.116.15256468
        PRs Fixed  2363675
        CVE numbers N/A

        This patch updates the cpu-microcode VIB.

        • The cpu-microcode VIB includes the following Intel microcode:
          Code Name FMS Plt ID MCU Rev MCU Date Brand Names
          Nehalem EP 0x106a5 0x03 0x0000001d 5/11/2018 Intel Xeon 35xx Series
          Intel Xeon 55xx Series
          Lynnfield 0x106e5 0x13 0x0000000a 5/8/2018 Intel Xeon 34xx Lynnfield Series
          Clarkdale 0x20652 0x12 0x00000011 5/8/2018 Intel i3/i5 Clarkdale Series
          Intel Xeon 34xx Clarkdale Series
          Arrandale 0x20655 0x92 0x00000007 4/23/2018 Intel Core i7-620LE Processor
          Sandy Bridge DT 0x206a7 0x12 0x0000002f 2/17/2019 Intel Xeon E3-1100 Series
          Intel Xeon E3-1200 Series
          Intel i7-2655-LE Series
          Intel i3-2100 Series
          Westmere EP 0x206c2 0x03 0x0000001f 5/8/2018 Intel Xeon 56xx Series
          Intel Xeon 36xx Series
          Sandy Bridge EP 0x206d7 0x6d 0x00000718 5/21/2019 Intel Pentium 1400 Series
          Intel Xeon E5-1400 Series
          Intel Xeon E5-1600 Series
          Intel Xeon E5-2400 Series
          Intel Xeon E5-2600 Series
          Intel Xeon E5-4600 Series
          Nehalem EX 0x206e6 0x04 0x0000000d 5/15/2018 Intel Xeon 65xx Series
          Intel Xeon 75xx Series
          Westmere EX 0x206f2 0x05 0x0000003b 5/16/2018 Intel Xeon E7-8800 Series
          Intel Xeon E7-4800 Series
          Intel Xeon E7-2800 Series
          Ivy Bridge DT 0x306a9 0x12 0x00000021 2/13/2019 Intel i3-3200 Series
          Intel i7-3500-LE/UE
          Intel i7-3600-QE
          Intel Xeon E3-1200-v2 Series
          Intel Xeon E3-1100-C-v2 Series
          Intel Pentium B925C
          Haswell DT 0x306c3 0x32 0x00000027 2/26/2019 Intel Xeon E3-1200-v3 Series
          Intel i7-4700-EQ Series
          Intel i5-4500-TE Series
          Intel i3-4300 Series
          Ivy Bridge EP 0x306e4 0xed 0x0000042e 3/14/2019 Intel Xeon E5-4600-v2 Series
          Intel Xeon E5-2600-v2 Series
          Intel Xeon E5-2400-v2 Series
          Intel Xeon E5-1600-v2 Series
          Intel Xeon E5-1400-v2 Series
          Ivy Bridge EX 0x306e7 0xed 0x00000715 3/14/2019 Intel Xeon E7-8800/4800/2800-v2 Series
          Haswell EP 0x306f2 0x6f 0x00000043 3/1/2019 Intel Xeon E5-4600-v3 Series
          Intel Xeon E5-2600-v3 Series
          Intel Xeon E5-2400-v3 Series
          Intel Xeon E5-1600-v3 Series
          Intel Xeon E5-1400-v3 Series
          Haswell EX 0x306f4 0x80 0x00000016 6/17/2019 Intel Xeon E7-8800/4800-v3 Series
          Broadwell H 0x40671 0x22 0x00000021 6/13/2019 Intel Core i7-5700EQ
          Intel Xeon E3-1200-v4 Series
          Avoton 0x406d8 0x01 0x0000012d 9/16/2019 Intel Atom C2300 Series
          Intel Atom C2500 Series
          Intel Atom C2700 Series
          Broadwell EP/EX 0x406f1 0xef 0x0b000038 6/18/2019 Intel Xeon E7-8800/4800-v4 Series
          Intel Xeon E5-4600-v4 Series
          Intel Xeon E5-2600-v4 Series
          Intel Xeon E5-1600-v4 Series
          Skylake SP 0x50654 0xb7 0x02000065 9/5/2019 Intel Xeon Platinum 8100 Series
          Intel Xeon Gold 6100/5100, Silver 4100, Bronze 3100 Series
          Intel Xeon D-2100 Series
          Intel Xeon D-1600 Series
          Intel Xeon W-3100 Series
          Intel Xeon W-2100 Series
          Cascade Lake B-0 0x50656 0xbf 0x0400002c 9/5/2019 Intel Xeon Platinum 9200/8200 Series
          Intel Xeon Gold 6200/5200
          Intel Xeon Silver 4200/Bronze 3200
          Intel Xeon W-3200
          Cascade Lake 0x50657 0xbf 0x0500002c 9/5/2019 Intel Xeon Platinum 9200/8200 Series
          Intel Xeon Gold 6200/5200
          Intel Xeon Silver 4200/Bronze 3200
          Intel Xeon W-3200
          Broadwell DE 0x50662 0x10 0x0000001c 6/17/2019 Intel Xeon D-1500 Series
          Broadwell DE 0x50663 0x10 0x07000019 6/17/2019 Intel Xeon D-1500 Series
          Broadwell DE 0x50664 0x10 0x0f000017 6/17/2019 Intel Xeon D-1500 Series
          Broadwell NS 0x50665 0x10 0x0e00000f 6/17/2019 Intel Xeon D-1600 Series
          Skylake H/S 0x506e3 0x36 0x000000cc 4/1/2019 Intel Xeon E3-1500-v5 Series
          Intel Xeon E3-1200-v5 Series
          Denverton 0x506f1 0x01 0x0000002e 3/21/2019 Intel Atom C3000 Series
          Kaby Lake H/S/X 0x906e9 0x2a 0x000000c6 8/14/2019 Intel Xeon E3-1200-v6 Series
          Intel Xeon E3-1500-v6 Series
          Coffee Lake H/S 0x906ea 0x22 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
          Coffee Lake H/S 0x906eb 0x02 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
          Coffee Lake H/S 0x906ec 0x22 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
          Coffee Lake Refresh 0x906ed 0x22 0x000000c6 8/14/2019 Intel Xeon E-2200 Series
        ESXi650-201912103-SG
        Patch Category Security
        Patch Severity

        Important

        Host Reboot Required No
        Virtual Machine Migration or Shutdown Required No
        Affected Hardware N/A
        Affected Software N/A
        VIBs Included VMware_locker_tools-light_6.5.0-3.116.15256468
        PRs Fixed  2377205
        CVE numbers N/A

        This patch updates the tools-light VIB.

        ESXi650-201912104-SG
        Patch Category Security
        Patch Severity

        Important

        Host Reboot Required No
        Virtual Machine Migration or Shutdown Required No
        Affected Hardware N/A
        Affected Software N/A
        VIBs Included VMware_bootbank_esx-ui_1.33.5-15102916
        PRs Fixed  N/A
        CVE numbers N/A

        This patch updates the esx-ui VIB.

          ESXi-6.5.0-20191204001-standard
          Profile Name ESXi-6.5.0-20191204001-standard
          Build For build information, see the top of the page.
          Vendor VMware, Inc.
          Release Date December 19, 2019
          Acceptance Level PartnerSupported
          Affected Hardware N/A
          Affected Software N/A
          Affected VIBs
          • VMware_bootbank_vsanhealth_6.5.0-3.120.15081994
          • VMware_bootbank_vsan_6.5.0-3.120.15087173
          • VMware_bootbank_esx-tboot_6.5.0-3.120.15256549
          • VMware_bootbank_esx-base_6.5.0-3.120.15256549
          • VMware_bootbank_esx-xserver_6.5.0-3.120.15256549
          • VMW_bootbank_vmkusb_0.1-1vmw.650.3.120.15256549
          • VMware_bootbank_native-misc-drivers_6.5.0-3.120.15256549
          PRs Fixed 2360407, 2403863, 2368281, 2399214, 2399723, 2337888, 2379543, 2389006, 2370145, 2410508, 2394253, 2425066, 2389128, 2444667, 2448025, 2437368, 2271176, 2423302, 2405783, 2393379, 2412737, 2357384, 2381549, 2443938, 2445628, 2170024, 2334089, 2343912, 2372211, 2388141, 2409981, 2412640, 2406038, 2367194, 2430956, 2367003, 2397504, 2432248, 2404787, 2407598, 2453909, 2430178, 2423695, 2359950, 2334733, 2449875, 2436649, 2349289, 2385716, 2340751, 2386848, 2439250, 2364560
          Related CVE numbers N/A
          • This patch updates the following issues:
            • If a virtual machine runs applications that use particular 3D state and shaders, and if software 3D acceleration is enabled, the virtual machine might stop responding.

            • Requesting an NMI from the hardware management console (BMC) or by pressing a physical NMI button must cause ESXi hosts to fail with a purple diagnostic screen and dump core. Instead, nothing happens and the ESXi host continues running.

            • You can use the SCSIBindCompletionWorlds() method to set the number of queues and worlds of a driver. However, if you set the numQueues parameter to a value more than 1 and the numWorlds parameter to a value that is equal or less than 1, the API call might return without releasing the lock held. This results in a deadlock and the ESXi host might fail with a purple diagnostic screen.

            • In a vCenter Server system using AMD EPYC 7002 series processors, a virtual machine that has a PCI passthrough device might fail to power on. In the vmkernel.log, you see messages similar to:
              4512 2019-08-06T06:09:55.058Z cpu24:1001397137)AMDIOMMU: 611: IOMMU 0000:20:00.2: Failed to allocate IRTE for IOAPIC ID 243 vector 0x3f
              4513 2019-08-06T06:09:55.058Z cpu24:1001397137)WARNING: IOAPIC: 1238: IOAPIC Id 243: Failed to allocate IRTE for vector 0x3f

              In the AMD IOMMU interrupt remapper, IOAPIC interrupts the use of an IRTE index equal to the vector number. In certain cases, a non-IOAPIC interrupt might take the index that an IOAPIC interrupt needs.

            • When a virtual machine client needs an extra memory reservation, if the ESXi host has no available memory, the host might fail with a purple diagnostic screen. You see a similar backtrace:
              @BlueScreen: #PF Exception 14 in world 57691007:vmm0:LGS-000 IP 0x41802601d987 addr 0x88
              PTEs:0x2b12a6c027;0x21f0480027;0xbfffffffff001;
              0x43935bf9bd48:[0x41802601d987]MemSchedReapSuperflousOverheadInt@vmkernel#nover+0x1b stack: 0x0
              0x43935bf9bd98:[0x41802601daad]MemSchedReapSuperflousOverhead@vmkernel#nover+0x31 stack: 0x4306a812
              0x43935bf9bdc8:[0x41802601dde4]MemSchedGroupAllocAllowed@vmkernel#nover+0x300 stack: 0x4300914eb120
              0x43935bf9be08:[0x41802601e46e]MemSchedGroupSetAllocInt@vmkernel#nover+0x52 stack: 0x17f7c
              0x43935bf9be58:[0x418026020a72]MemSchedManagedKernelGroupSetAllocInt@vmkernel#nover+0xae stack: 0x1
              0x43935bf9beb8:[0x418026025e11]MemSched_ManagedKernelGroupSetAlloc@vmkernel#nover+0x7d stack: 0x1bf
              0x43935bf9bee8:[0x41802602649b]MemSched_ManagedKernelGroupIncAllocMin@vmkernel#nover+0x3f stack: 0x
              0x43935bf9bf28:[0x418025ef2eed]VmAnonUpdateReservedOvhd@vmkernel#nover+0x189 stack: 0x114cea4e1c
              0x43935bf9bfb8:[0x418025eabc29]VMMVMKCall_Call@vmkernel#nover+0x139 stack: 0x418025eab778

            • If you do not configure a default route in an ESXi host, the IP address of the ESXi SNMP‎ agent might be in reverse order in the payload of the sent SNMP‎ traps. For example, if the SNMP agent is with an IP address 172.16.0.10, in the payload the IP address is 10.0.16.172. As a result, the SNMP‎ traps reach the target with an incorrect IP address of the ESXi SNMP agent in the payload.

            • Windows virtual machines might fail while migrating to ESXi 6.5 after a reboot initiated by the guest OS. You see MULTIPROCESSOR CONFIGURATION NOT SUPPORTED error message on a blue screen. The fix prevents the x2APIC ID field of the guest CPUID to be modified during the migration.

            • Adding an ESXi host to an AD domain by using a vSphere Authentication Proxy might fail intermittently with error code 41737, which corresponds to error message LW_ERROR_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, when a host is temporarily unable to find its created machine account in the AD environment. This fix adds a retry logic for adding ESXi hosts to AD domains by using the Authentication Proxy.

            • When 3D software acceleration is enabled, the virtual machine executable (VMX) process might fail if the software renderer uses more memory than is reserved for it. You see an error Unrecoverable Memory Allocation Failure. Windows 10 OS virtual machines are prone to this issue.

            • An ESXi host might fail with a purple diagnostic screen during shutdown due to very rare race condition when the host is trying to access a memory region in the exact time between it is freed and allocated to another task. This issue occurs when both MLDv1 and MLDv2 devices are present in the network and global IPv6 addresses are disabled. The issue was fixed in ESXi650-201811002. However, the fix revealed another issue during ESXi hosts shutdown, that resulted in a NULL pointer dereference while IPv6 was disabled.

            • After a microcode update, sometimes it is necessary to reenumerate the CPUID for the virtual machines on an ESXi server. By using the configuration parameter vmx.reboot.powerCycle = TRUE you can schedule virtual machines for power cycle when necessary.

            • Sometimes, if you disable checksums for vSphere Replication by setting the parameter HBR.ChecksumUseChecksumInfo = 0 in the ESXi Advanced settings, the ESXi host might fail with a purple diagnostic screen.

            • You might see an unexpected failover or a blue diagnostic screen when both vSphere FT and a GART are enabled in a guest OS due to a race condition. vSphere FT scans the guest page table to find the dirty pages and generate a bitmap. To avoid a conflict, each vCPU scans a separate range of pages. However, if a GART is also enabled, it might map a guest physical page number (PPN) to an already mapped region. Also, multiple PPNs might be mapped to the same BusMem page number (BPN). This causes two vCPUs to write on the same QWORD in the bitmap when they are processing two PPNs in different regions.

            • If you configure a small limit for the vmx.log.rotateSize parameter, the VMX process might fail while powering on or during vSphere vMotion. The chances that these issues occur increases if you use a value of less than 100 KB for the vmx.log.rotateSize parameter.

            • When you hot add a device under a PCI hot plug slot that has only PCIe _HPX record settings, some PCIe registers in the hot added device might not be properly set. This results in missing or incorrect PCIe AER register settings. For example, AER driver control or AER mask register might not be initialized.

            • If you extract a host profile from an ESXi host with disabled IPv6 support, and the IPv4 default gateway is overridden while remediating that host profile, you might see a message that a virtual network adapter, such as DSwitch0, is to be created on the vSphere Distributed Switch (VDS). However, the adapter is actually removed from the VDS. This is due to a "::" value of the ipV6DefaultGateway parameter.

            • ESXi hosts might fail with a purple diagnostic screen during power off or deletion of multiple virtual machines on a vSphere Virtual Volumes datastore. You see a message indicating a PF Exception 14 on the screen. This issue might affect multiple hosts.

            • When reverting a virtual machine on which CBT is enabled to a snapshot which is not a memory snapshot, and if you use the QueryChangedDiskAreas() API call, you might see an InvalidArgument error.

            • ESXi host queries by using API sometimes experience slow response, leading to improper health check warnings about the host connectivity.

            • For large clusters with 33 or more ESXi hosts, the vSAN: Basic (unicast) connectivity check might report warnings due to the large number of hosts to ping.

            • In a vSAN stretched cluster, a cluster master host is elected from the preferred fault domain and if no hosts are available, the cluster master is elected from the secondary fault domain. However, if a node from the preferred fault domain joins the cluster, then that host is elected as master by using a process called cluster takeover, which might get the cluster into a bad state. If, for some reason, the cluster takeover does not complete, the virtual machines on this cluster stop responding.

            • After patching a vCenter Server Appliance to 6.5 Update 2 or later, the vSAN health service might fail to start. This problem might occur because the following file does not correctly update custom port assignments for HTTP and HTTPS: /etc/vmware-vsan-health/config.conf.

            • The vsanvpd process on an ESXi host might stop after running QRadar Vulnerability Manager to scan ESXi hosts. This problem occurs when communication to the vsanvpd does not follow the expected protocol. The vsanvpd process denies the connection and exits. The result is that registration or unregistration of the VASA vendor provider information fails.

            • If IPv6 is enabled on an ESXi host and many IPv6 addresses are assigned by using SLAAC, the SNMP service might fail. An error in the logic for looping IPv6 addresses causes the issue. As a result, you cannot monitor ESXi hosts status.

            • Stale parameters might cause incorrect handling of interrupt information from passthrough devices during a reset or reboot. As a result, virtual machines with PCI passthrough devices might fail to power on after a reset or reboot.

            • SFCB might fail and core dump due to a memory reallocation failure. You see error messages similar to: sfcb-vmware_raw[68518]: tool_mm_realloc_or_die: memory re-allocation failed(orig=1600000 new=3200000 msg=Cannot allocate memory, aborting.

            • During a save operation to a distributed portgroup, the hostd service might become temporarily unresponsive due to an internal error. You see a hostd-worker-zdump file in the /var/core/ directory.

            • You must manually add the claim rules to an ESXi host for Tegile Storage Arrays to set the I/O Operations Per Second to 1.

            • Sometimes, the allocated memory for a large number of virtual distributed switch ports exceeds the dvsLargeHeap parameter. This might cause the hostd service or running commands to fail.

            • Administrators must have the following permission to create a vSAN datastore: +Host.Config.Storage.
              This permission also enables the administrator to unmount any datastores that reside in vCenter Server.

            • When Horizon linked clone desktops are refreshed or recomposed, a recompute operation follows and it might take long. The delay in the recompute operation might cause a misconfiguration of the desktop digest files. This results in all the recompute I/O ending up in the replica disk. I/O congestion in the replica causes longer digest recompute times.

            • In some cases, when you remove and add a SR-IOV network adapter during the same reconfigure operation, the spec is generated in such a way that the properties of the new adapter are overwritten, and it displays as an unknown PCIe device.

            • Due to a rare race condition, the provisioning of virtual machines by using View might fail with an error Module 'CheckpointLate' power on failed.

            • When updating a host profile from a reference host, since the default policy option for kernel module parameters is a fixed value, all per-host kernel parameters also become fixed values and cannot be re-used. Also, CHAP secrets cannot be extracted from the host and are effectively lost.

            • Virtual machines might fail with a VMX panic error message during a passthrough of an iLOK USB key device. You see an error similar to PANIC: Unexpected signal: 11 in the virtual machine log file, vmware.log.

            • You must manually add the claim rules to an ESXi host for Dell EMC Trident Storage Arrays to set the I/O Operations Per Second to 1.

            • In ESXi 6.5, notifications for a PDL exit are no longer supported, but the Pluggable Storage Architecture (PSA) might still send notifications to the VMFS layer for such events. This might cause ESXi hosts to fail with a purple diagnostic screen.

            • SFCB fails due to a segmentation fault while querying with the getClass command third-party provider classes such as OSLS_InstCreationOSLS_InstDeletion and OSLS_InstModification under the root/emc/host namespace.

            • The OpenSSL package is updated to version openssl-1.0.2t.

            • If a parent PF is at SBDF, such as C1:00.0, and spawns VFs starting at, for example, C2:00.0, you cannot use that VF.

            • As soon as the CIM Agent is enabled, you might start receiving multiple logs per minute in the syslog.log of ESXi hosts.
              Logs are similar to:
              2019-09-16T12:59:55Z sfcb-vmware_base[2100102]: VMwareHypervisorStorageExtent::fillVMwareHypervisorStorageExtentInstance - durable name length is too large: 256

            • During operations, such as migrating 3D virtual machines by using vSphere vMotion, the memory allocation process might return a NULL value. As a result, the VMkernel components might not get access to the memory and cause failure of the ESXi host.

            • When running the esxcfg-info command, you might see output with similar errors hidden in it:
              ResourceGroup: Skipping CPU times for: Vcpu Id 3295688 Times due to error: max # of processors: 4 < 3295688
              ResourceGroup: Skipping VCPU stats for: Vcpu Id 3295688 Times due to error: max # of processors: 4 < 3295688

            • If you hot remove the disk from the proxy virtual machine, the CTK file of an independent nonpersistent VMDK file might be deleted. The issue occurs regardless if the proxy virtual machine has CBT enabled or not. If you delete the last snapshot after a backup, the CTK file is restored and the issue does not affect backup workflows.

            • If unmapped data structures are accessed while a connection to a VMFS volume closes, an ESXi host might fail with a purple diagnostic screen. You see an error similar to PF Exception 14 in world XXX:Unmap Helper IP XXX in the backtrace.

            • When an ESXi host in a vSAN cluster loses connection to a vCenter Server system, the host cannot retrieve the latest vSAN vmodl version, and defaults to a standard vim. This might cause the ESXi host to clear its list of unicast addresses, and lead to a cluster partition.

            • Due to a memory leak in the iSCSI module, software-based iSCSI adapters might not display in the vSphere Client or the vSphere Web Client during the target discovery process.

            • During a cluster rejoin event, an ESXi host running ESXi650-201811002 might fail with a purple diagnostic screen. The failure happens when the CMMDS module improperly attempts to free the host CMMDS utility.

            • Virtual machines with CBT enabled might report long waiting times during snapshot creation due to the 8 KB buffer used for CBT file copying. With this fix, the buffer size is increased to 1 MB to overcome multiple reads and writes of a large CBT file copy, and reduce waiting time.

            • HPE servers with firmware version 1.30 might report the status of I/O module sensors as warnings. You might see similar messages:
              [Device] I/O Module n ALOM_Link_Pn or [Device] I/O module n NIC_Link_Pn.

            • A race condition causes transmission queues of physical NICs to become inactive whenever a virtual switch uplink port is disconnected from one virtual switch or distributed virtual switch and connected to another virtual switch or distributed virtual switch. As a result, network connectivity between virtual machines might fail.

            • By default, the configuration limit for the memory pool of VMFS6 volumes on an ESXi host is 1 PB, but you can extend the pool to support up to 4 PB. However, a total datastore size greater than 1 PB might cause an ESXi host to fail with a purple diagnostic screen due to a memory outage. This fix allows changes in the configuration for up to 16 PB. You must set a limit for the LFBCSlabSizeMaxMB setting, scaling it to the total size of all datastores on an ESXi host. The default is 8, which covers a total capacity of 1PB, but you can increase the limit to up to 128, or 16 PB. You must reboot the ESXi host to enable the change.

            • Due to a race between the power off operation of a virtual machine and a running query to collect CPU performance counters, a vCenter Server system might dereference a NULL pointer. This might result into ESXi hosts failing with a purple diagnostic screen.
          ESXi-6.5.0-20191204001-no-tools
          Profile Name ESXi-6.5.0-20191204001-no-tools
          Build For build information, see the top of the page.
          Vendor VMware, Inc.
          Release Date December 19, 2019
          Acceptance Level PartnerSupported
          Affected Hardware N/A
          Affected Software N/A
          Affected VIBs
          • VMware_bootbank_vsanhealth_6.5.0-3.120.15081994
          • VMware_bootbank_vsan_6.5.0-3.120.15087173
          • VMware_bootbank_esx-tboot_6.5.0-3.120.15256549
          • VMware_bootbank_esx-base_6.5.0-3.120.15256549
          • VMware_bootbank_esx-xserver_6.5.0-3.120.15256549
          • VMW_bootbank_vmkusb_0.1-1vmw.650.3.120.15256549
          • VMware_bootbank_native-misc-drivers_6.5.0-3.120.15256549
          PRs Fixed 2360407, 2403863, 2368281, 2399214, 2399723, 2337888, 2379543, 2389006, 2370145, 2410508, 2394253, 2425066, 2389128, 2444667, 2448025, 2437368, 2271176, 2423302, 2405783, 2393379, 2412737, 2357384, 2381549, 2443938, 2445628, 2170024, 2334089, 2343912, 2372211, 2388141, 2409981, 2412640, 2406038, 2367194, 2430956, 2367003, 2397504, 2432248, 2404787, 2407598, 2453909, 2430178, 2423695, 2359950, 2334733, 2449875, 2436649, 2349289, 2385716, 2340751, 2386848, 2439250, 2364560
          Related CVE numbers N/A
          • This patch updates the following issues:
            • If a virtual machine runs applications that use particular 3D state and shaders, and if software 3D acceleration is enabled, the virtual machine might stop responding.

            • Requesting an NMI from the hardware management console (BMC) or by pressing a physical NMI button must cause ESXi hosts to fail with a purple diagnostic screen and dump core. Instead, nothing happens and the ESXi host continues running.

            • You can use the SCSIBindCompletionWorlds() method to set the number of queues and worlds of a driver. However, if you set the numQueues parameter to a value more than 1 and the numWorlds parameter to a value that is equal or less than 1, the API call might return without releasing the lock held. This results in a deadlock and the ESXi host might fail with a purple diagnostic screen.

            • In a vCenter Server system using AMD EPYC 7002 series processors, a virtual machine that has a PCI passthrough device might fail to power on. In the vmkernel.log, you see messages similar to:
              4512 2019-08-06T06:09:55.058Z cpu24:1001397137)AMDIOMMU: 611: IOMMU 0000:20:00.2: Failed to allocate IRTE for IOAPIC ID 243 vector 0x3f
              4513 2019-08-06T06:09:55.058Z cpu24:1001397137)WARNING: IOAPIC: 1238: IOAPIC Id 243: Failed to allocate IRTE for vector 0x3f

              In the AMD IOMMU interrupt remapper, IOAPIC interrupts the use of an IRTE index equal to the vector number. In certain cases, a non-IOAPIC interrupt might take the index that an IOAPIC interrupt needs.

            • When a virtual machine client needs an extra memory reservation, if the ESXi host has no available memory, the host might fail with a purple diagnostic screen. You see a similar backtrace:
              @BlueScreen: #PF Exception 14 in world 57691007:vmm0:LGS-000 IP 0x41802601d987 addr 0x88
              PTEs:0x2b12a6c027;0x21f0480027;0xbfffffffff001;
              0x43935bf9bd48:[0x41802601d987]MemSchedReapSuperflousOverheadInt@vmkernel#nover+0x1b stack: 0x0
              0x43935bf9bd98:[0x41802601daad]MemSchedReapSuperflousOverhead@vmkernel#nover+0x31 stack: 0x4306a812
              0x43935bf9bdc8:[0x41802601dde4]MemSchedGroupAllocAllowed@vmkernel#nover+0x300 stack: 0x4300914eb120
              0x43935bf9be08:[0x41802601e46e]MemSchedGroupSetAllocInt@vmkernel#nover+0x52 stack: 0x17f7c
              0x43935bf9be58:[0x418026020a72]MemSchedManagedKernelGroupSetAllocInt@vmkernel#nover+0xae stack: 0x1
              0x43935bf9beb8:[0x418026025e11]MemSched_ManagedKernelGroupSetAlloc@vmkernel#nover+0x7d stack: 0x1bf
              0x43935bf9bee8:[0x41802602649b]MemSched_ManagedKernelGroupIncAllocMin@vmkernel#nover+0x3f stack: 0x
              0x43935bf9bf28:[0x418025ef2eed]VmAnonUpdateReservedOvhd@vmkernel#nover+0x189 stack: 0x114cea4e1c
              0x43935bf9bfb8:[0x418025eabc29]VMMVMKCall_Call@vmkernel#nover+0x139 stack: 0x418025eab778

            • If you do not configure a default route in an ESXi host, the IP address of the ESXi SNMP‎ agent might be in reverse order in the payload of the sent SNMP‎ traps. For example, if the SNMP agent is with an IP address 172.16.0.10, in the payload the IP address is 10.0.16.172. As a result, the SNMP‎ traps reach the target with an incorrect IP address of the ESXi SNMP agent in the payload.

            • Windows virtual machines might fail while migrating to ESXi 6.5 after a reboot initiated by the guest OS. You see MULTIPROCESSOR CONFIGURATION NOT SUPPORTED error message on a blue screen. The fix prevents the x2APIC ID field of the guest CPUID to be modified during the migration.

            • Adding an ESXi host to an AD domain by using a vSphere Authentication Proxy might fail intermittently with error code 41737, which corresponds to error message LW_ERROR_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN, when a host is temporarily unable to find its created machine account in the AD environment. This fix adds a retry logic for adding ESXi hosts to AD domains by using the Authentication Proxy.

            • When 3D software acceleration is enabled, the virtual machine executable (VMX) process might fail if the software renderer uses more memory than is reserved for it. You see an error Unrecoverable Memory Allocation Failure. Windows 10 OS virtual machines are prone to this issue.

            • An ESXi host might fail with a purple diagnostic screen during shutdown due to very rare race condition when the host is trying to access a memory region in the exact time between it is freed and allocated to another task. This issue occurs when both MLDv1 and MLDv2 devices are present in the network and global IPv6 addresses are disabled. The issue was fixed in ESXi650-201811002. However, the fix revealed another issue during ESXi hosts shutdown, that resulted in a NULL pointer dereference while IPv6 was disabled.

            • After a microcode update, sometimes it is necessary to reenumerate the CPUID for the virtual machines on an ESXi server. By using the configuration parameter vmx.reboot.powerCycle = TRUE you can schedule virtual machines for power cycle when necessary.

            • Sometimes, if you disable checksums for vSphere Replication by setting the parameter HBR.ChecksumUseChecksumInfo = 0 in the ESXi Advanced settings, the ESXi host might fail with a purple diagnostic screen.

            • You might see an unexpected failover or a blue diagnostic screen when both vSphere FT and a GART are enabled in a guest OS due to a race condition. vSphere FT scans the guest page table to find the dirty pages and generate a bitmap. To avoid a conflict, each vCPU scans a separate range of pages. However, if a GART is also enabled, it might map a guest physical page number (PPN) to an already mapped region. Also, multiple PPNs might be mapped to the same BusMem page number (BPN). This causes two vCPUs to write on the same QWORD in the bitmap when they are processing two PPNs in different regions.

            • If you configure a small limit for the vmx.log.rotateSize parameter, the VMX process might fail while powering on or during vSphere vMotion. The chances that these issues occur increases if you use a value of less than 100 KB for the vmx.log.rotateSize parameter.

            • When you hot add a device under a PCI hot plug slot that has only PCIe _HPX record settings, some PCIe registers in the hot added device might not be properly set. This results in missing or incorrect PCIe AER register settings. For example, AER driver control or AER mask register might not be initialized.

            • If you extract a host profile from an ESXi host with disabled IPv6 support, and the IPv4 default gateway is overridden while remediating that host profile, you might see a message that a virtual network adapter, such as DSwitch0, is to be created on the vSphere Distributed Switch (VDS). However, the adapter is actually removed from the VDS. This is due to a "::" value of the ipV6DefaultGateway parameter.

            • ESXi hosts might fail with a purple diagnostic screen during power off or deletion of multiple virtual machines on a vSphere Virtual Volumes datastore. You see a message indicating a PF Exception 14 on the screen. This issue might affect multiple hosts.

            • When reverting a virtual machine on which CBT is enabled to a snapshot which is not a memory snapshot, and if you use the QueryChangedDiskAreas() API call, you might see an InvalidArgument error.

            • ESXi host queries by using API sometimes experience slow response, leading to improper health check warnings about the host connectivity.

            • For large clusters with 33 or more ESXi hosts, the vSAN: Basic (unicast) connectivity check might report warnings due to the large number of hosts to ping.

            • In a vSAN stretched cluster, a cluster master host is elected from the preferred fault domain and if no hosts are available, the cluster master is elected from the secondary fault domain. However, if a node from the preferred fault domain joins the cluster, then that host is elected as master by using a process called cluster takeover, which might get the cluster into a bad state. If, for some reason, the cluster takeover does not complete, the virtual machines on this cluster stop responding.

            • After patching a vCenter Server Appliance to 6.5 Update 2 or later, the vSAN health service might fail to start. This problem might occur because the following file does not correctly update custom port assignments for HTTP and HTTPS: /etc/vmware-vsan-health/config.conf.

            • The vsanvpd process on an ESXi host might stop after running QRadar Vulnerability Manager to scan ESXi hosts. This problem occurs when communication to the vsanvpd does not follow the expected protocol. The vsanvpd process denies the connection and exits. The result is that registration or unregistration of the VASA vendor provider information fails.

            • If IPv6 is enabled on an ESXi host and many IPv6 addresses are assigned by using SLAAC, the SNMP service might fail. An error in the logic for looping IPv6 addresses causes the issue. As a result, you cannot monitor ESXi hosts status.

            • Stale parameters might cause incorrect handling of interrupt information from passthrough devices during a reset or reboot. As a result, virtual machines with PCI passthrough devices might fail to power on after a reset or reboot.

            • SFCB might fail and core dump due to a memory reallocation failure. You see error messages similar to: sfcb-vmware_raw[68518]: tool_mm_realloc_or_die: memory re-allocation failed(orig=1600000 new=3200000 msg=Cannot allocate memory, aborting.

            • During a save operation to a distributed portgroup, the hostd service might become temporarily unresponsive due to an internal error. You see a hostd-worker-zdump file in the /var/core/ directory.

            • You must manually add the claim rules to an ESXi host for Tegile Storage Arrays to set the I/O Operations Per Second to 1.

            • Sometimes, the allocated memory for a large number of virtual distributed switch ports exceeds the dvsLargeHeap parameter. This might cause the hostd service or running commands to fail.

            • Administrators must have the following permission to create a vSAN datastore: +Host.Config.Storage.
              This permission also enables the administrator to unmount any datastores that reside in vCenter Server.

            • When Horizon linked clone desktops are refreshed or recomposed, a recompute operation follows and it might take long. The delay in the recompute operation might cause a misconfiguration of the desktop digest files. This results in all the recompute I/O ending up in the replica disk. I/O congestion in the replica causes longer digest recompute times.

            • In some cases, when you remove and add a SR-IOV network adapter during the same reconfigure operation, the spec is generated in such a way that the properties of the new adapter are overwritten, and it displays as an unknown PCIe device.

            • Due to a rare race condition, the provisioning of virtual machines by using View might fail with an error Module 'CheckpointLate' power on failed.

            • When updating a host profile from a reference host, since the default policy option for kernel module parameters is a fixed value, all per-host kernel parameters also become fixed values and cannot be re-used. Also, CHAP secrets cannot be extracted from the host and are effectively lost.

            • Virtual machines might fail with a VMX panic error message during a passthrough of an iLOK USB key device. You see an error similar to PANIC: Unexpected signal: 11 in the virtual machine log file, vmware.log.

            • You must manually add the claim rules to an ESXi host for Dell EMC Trident Storage Arrays to set the I/O Operations Per Second to 1.

            • In ESXi 6.5, notifications for a PDL exit are no longer supported, but the Pluggable Storage Architecture (PSA) might still send notifications to the VMFS layer for such events. This might cause ESXi hosts to fail with a purple diagnostic screen.

            • SFCB fails due to a segmentation fault while querying with the getClass command third-party provider classes such as OSLS_InstCreationOSLS_InstDeletion and OSLS_InstModification under the root/emc/host namespace.

            • The OpenSSL package is updated to version openssl-1.0.2t.

            • If a parent PF is at SBDF, such as C1:00.0, and spawns VFs starting at, for example, C2:00.0, you cannot use that VF.

            • As soon as the CIM Agent is enabled, you might start receiving multiple logs per minute in the syslog.log of ESXi hosts.
              Logs are similar to:
              2019-09-16T12:59:55Z sfcb-vmware_base[2100102]: VMwareHypervisorStorageExtent::fillVMwareHypervisorStorageExtentInstance - durable name length is too large: 256

            • During operations, such as migrating 3D virtual machines by using vSphere vMotion, the memory allocation process might return a NULL value. As a result, the VMkernel components might not get access to the memory and cause failure of the ESXi host.

            • When running the esxcfg-info command, you might see output with similar errors hidden in it:
              ResourceGroup: Skipping CPU times for: Vcpu Id 3295688 Times due to error: max # of processors: 4 < 3295688
              ResourceGroup: Skipping VCPU stats for: Vcpu Id 3295688 Times due to error: max # of processors: 4 < 3295688

            • If you hot remove the disk from the proxy virtual machine, the CTK file of an independent nonpersistent VMDK file might be deleted. The issue occurs regardless if the proxy virtual machine has CBT enabled or not. If you delete the last snapshot after a backup, the CTK file is restored and the issue does not affect backup workflows.

            • If unmapped data structures are accessed while a connection to a VMFS volume closes, an ESXi host might fail with a purple diagnostic screen. You see an error similar to PF Exception 14 in world XXX:Unmap Helper IP XXX in the backtrace.

            • When an ESXi host in a vSAN cluster loses connection to a vCenter Server system, the host cannot retrieve the latest vSAN vmodl version, and defaults to a standard vim. This might cause the ESXi host to clear its list of unicast addresses, and lead to a cluster partition.

            • Due to a memory leak in the iSCSI module, software-based iSCSI adapters might not display in the vSphere Client or the vSphere Web Client during the target discovery process.

            • During a cluster rejoin event, an ESXi host running ESXi650-201811002 might fail with a purple diagnostic screen. The failure happens when the CMMDS module improperly attempts to free the host CMMDS utility.

            • Virtual machines with CBT enabled might report long waiting times during snapshot creation due to the 8 KB buffer used for CBT file copying. With this fix, the buffer size is increased to 1 MB to overcome multiple reads and writes of a large CBT file copy, and reduce waiting time.

            • HPE servers with firmware version 1.30 might report the status of I/O module sensors as warnings. You might see similar messages:
              [Device] I/O Module n ALOM_Link_Pn or [Device] I/O module n NIC_Link_Pn.

            • A race condition causes transmission queues of physical NICs to become inactive whenever a virtual switch uplink port is disconnected from one virtual switch or distributed virtual switch and connected to another virtual switch or distributed virtual switch. As a result, network connectivity between virtual machines might fail.

            • By default, the configuration limit for the memory pool of VMFS6 volumes on an ESXi host is 1 PB, but you can extend the pool to support up to 4 PB. However, a total datastore size greater than 1 PB might cause an ESXi host to fail with a purple diagnostic screen due to a memory outage. This fix allows changes in the configuration for up to 16 PB. You must set a limit for the LFBCSlabSizeMaxMB setting, scaling it to the total size of all datastores on an ESXi host. The default is 8, which covers a total capacity of 1PB, but you can increase the limit to up to 128, or 16 PB. You must reboot the ESXi host to enable the change.

            • Due to a race between the power off operation of a virtual machine and a running query to collect CPU performance counters, a vCenter Server system might dereference a NULL pointer. This might result into ESXi hosts failing with a purple diagnostic screen.
          ESXi-6.5.0-20191201001s-standard
          Profile Name ESXi-6.5.0-20191201001s-standard
          Build For build information, see the top of the page.
          Vendor VMware, Inc.
          Release Date December 19, 2019
          Acceptance Level PartnerSupported
          Affected Hardware N/A
          Affected Software N/A
          Affected VIBs
          • VMware_bootbank_esx-base_6.5.0-3.116.15256468
          • VMware_bootbank_esx-tboot_6.5.0-3.116.15256468
          • VMware_bootbank_vsanhealth_6.5.0-3.116.15081927
          • VMware_bootbank_vsan_6.5.0-3.116.15081926
          • VMware_bootbank_cpu-microcode_6.5.0-3.116.15256468
          • VMware_locker_tools-light_6.5.0-3.116.15256468
          • VMware_bootbank_esx-ui_1.33.5-15102916
          PRs Fixed 2363675, 2377205
          Related CVE numbers N/A
          • This patch updates the following issues:
            • Code Name FMS Plt ID MCU Rev MCU Date Brand Names
              Nehalem EP 0x106a5 0x03 0x0000001d 5/11/2018 Intel Xeon 35xx Series
              Intel Xeon 55xx Series
              Lynnfield 0x106e5 0x13 0x0000000a 5/8/2018 Intel Xeon 34xx Lynnfield Series
              Clarkdale 0x20652 0x12 0x00000011 5/8/2018 Intel i3/i5 Clarkdale Series
              Intel Xeon 34xx Clarkdale Series
              Arrandale 0x20655 0x92 0x00000007 4/23/2018 Intel Core i7-620LE Processor
              Sandy Bridge DT 0x206a7 0x12 0x0000002f 2/17/2019 Intel Xeon E3-1100 Series
              Intel Xeon E3-1200 Series
              Intel i7-2655-LE Series
              Intel i3-2100 Series
              Westmere EP 0x206c2 0x03 0x0000001f 5/8/2018 Intel Xeon 56xx Series
              Intel Xeon 36xx Series
              Sandy Bridge EP 0x206d7 0x6d 0x00000718 5/21/2019 Intel Pentium 1400 Series
              Intel Xeon E5-1400 Series
              Intel Xeon E5-1600 Series
              Intel Xeon E5-2400 Series
              Intel Xeon E5-2600 Series
              Intel Xeon E5-4600 Series
              Nehalem EX 0x206e6 0x04 0x0000000d 5/15/2018 Intel Xeon 65xx Series
              Intel Xeon 75xx Series
              Westmere EX 0x206f2 0x05 0x0000003b 5/16/2018 Intel Xeon E7-8800 Series
              Intel Xeon E7-4800 Series
              Intel Xeon E7-2800 Series
              Ivy Bridge DT 0x306a9 0x12 0x00000021 2/13/2019 Intel i3-3200 Series
              Intel i7-3500-LE/UE
              Intel i7-3600-QE
              Intel Xeon E3-1200-v2 Series
              Intel Xeon E3-1100-C-v2 Series
              Intel Pentium B925C
              Haswell DT 0x306c3 0x32 0x00000027 2/26/2019 Intel Xeon E3-1200-v3 Series
              Intel i7-4700-EQ Series
              Intel i5-4500-TE Series
              Intel i3-4300 Series
              Ivy Bridge EP 0x306e4 0xed 0x0000042e 3/14/2019 Intel Xeon E5-4600-v2 Series
              Intel Xeon E5-2600-v2 Series
              Intel Xeon E5-2400-v2 Series
              Intel Xeon E5-1600-v2 Series
              Intel Xeon E5-1400-v2 Series
              Ivy Bridge EX 0x306e7 0xed 0x00000715 3/14/2019 Intel Xeon E7-8800/4800/2800-v2 Series
              Haswell EP 0x306f2 0x6f 0x00000043 3/1/2019 Intel Xeon E5-4600-v3 Series
              Intel Xeon E5-2600-v3 Series
              Intel Xeon E5-2400-v3 Series
              Intel Xeon E5-1600-v3 Series
              Intel Xeon E5-1400-v3 Series
              Haswell EX 0x306f4 0x80 0x00000016 6/17/2019 Intel Xeon E7-8800/4800-v3 Series
              Broadwell H 0x40671 0x22 0x00000021 6/13/2019 Intel Core i7-5700EQ
              Intel Xeon E3-1200-v4 Series
              Avoton 0x406d8 0x01 0x0000012d 9/16/2019 Intel Atom C2300 Series
              Intel Atom C2500 Series
              Intel Atom C2700 Series
              Broadwell EP/EX 0x406f1 0xef 0x0b000038 6/18/2019 Intel Xeon E7-8800/4800-v4 Series
              Intel Xeon E5-4600-v4 Series
              Intel Xeon E5-2600-v4 Series
              Intel Xeon E5-1600-v4 Series
              Skylake SP 0x50654 0xb7 0x02000065 9/5/2019 Intel Xeon Platinum 8100 Series
              Intel Xeon Gold 6100/5100, Silver 4100, Bronze 3100 Series
              Intel Xeon D-2100 Series
              Intel Xeon D-1600 Series
              Intel Xeon W-3100 Series
              Intel Xeon W-2100 Series
              Cascade Lake B-0 0x50656 0xbf 0x0400002c 9/5/2019 Intel Xeon Platinum 9200/8200 Series
              Intel Xeon Gold 6200/5200
              Intel Xeon Silver 4200/Bronze 3200
              Intel Xeon W-3200
              Cascade Lake 0x50657 0xbf 0x0500002c 9/5/2019 Intel Xeon Platinum 9200/8200 Series
              Intel Xeon Gold 6200/5200
              Intel Xeon Silver 4200/Bronze 3200
              Intel Xeon W-3200
              Broadwell DE 0x50662 0x10 0x0000001c 6/17/2019 Intel Xeon D-1500 Series
              Broadwell DE 0x50663 0x10 0x07000019 6/17/2019 Intel Xeon D-1500 Series
              Broadwell DE 0x50664 0x10 0x0f000017 6/17/2019 Intel Xeon D-1500 Series
              Broadwell NS 0x50665 0x10 0x0e00000f 6/17/2019 Intel Xeon D-1600 Series
              Skylake H/S 0x506e3 0x36 0x000000cc 4/1/2019 Intel Xeon E3-1500-v5 Series
              Intel Xeon E3-1200-v5 Series
              Denverton 0x506f1 0x01 0x0000002e 3/21/2019 Intel Atom C3000 Series
              Kaby Lake H/S/X 0x906e9 0x2a 0x000000c6 8/14/2019 Intel Xeon E3-1200-v6 Series
              Intel Xeon E3-1500-v6 Series
              Coffee Lake H/S 0x906ea 0x22 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
              Coffee Lake H/S 0x906eb 0x02 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
              Coffee Lake H/S 0x906ec 0x22 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
              Coffee Lake Refresh 0x906ed 0x22 0x000000c6 8/14/2019 Intel Xeon E-2200 Series
            • The following VMware Tools ISO images are bundled with ESXi650-201912002:

              • windows.iso: VMware Tools 11.0.1 ISO image for Windows Vista (SP2) or later
              • linux.iso: VMware Tools 10.3.21 ISO image for Linux OS with glibc 2.5 or later

              The following VMware Tools 10.3.10 ISO images are available for download:

              • solaris.iso : VMware Tools image for Solaris
              • darwin.iso : VMware Tools image for OSX

              Follow the procedures listed in the following documents to download VMware Tools for platforms that are not bundled with ESXi:

          ESXi-6.5.0-20191201001s-no-tools
          Profile Name ESXi-6.5.0-20191201001s-no-tools
          Build For build information, see the top of the page.
          Vendor VMware, Inc.
          Release Date December 19, 2019
          Acceptance Level PartnerSupported
          Affected Hardware N/A
          Affected Software N/A
          Affected VIBs
          • VMware_bootbank_esx-base_6.5.0-3.116.15256468
          • VMware_bootbank_esx-tboot_6.5.0-3.116.15256468
          • VMware_bootbank_vsanhealth_6.5.0-3.116.15081927
          • VMware_bootbank_vsan_6.5.0-3.116.15081926
          • VMware_bootbank_cpu-microcode_6.5.0-3.116.15256468
          • VMware_bootbank_esx-ui_1.33.5-15102916
          PRs Fixed 2363675, 2377205
          Related CVE numbers N/A
          • This patch updates the following issues:
            • Code Name FMS Plt ID MCU Rev MCU Date Brand Names
              Nehalem EP 0x106a5 0x03 0x0000001d 5/11/2018 Intel Xeon 35xx Series
              Intel Xeon 55xx Series
              Lynnfield 0x106e5 0x13 0x0000000a 5/8/2018 Intel Xeon 34xx Lynnfield Series
              Clarkdale 0x20652 0x12 0x00000011 5/8/2018 Intel i3/i5 Clarkdale Series
              Intel Xeon 34xx Clarkdale Series
              Arrandale 0x20655 0x92 0x00000007 4/23/2018 Intel Core i7-620LE Processor
              Sandy Bridge DT 0x206a7 0x12 0x0000002f 2/17/2019 Intel Xeon E3-1100 Series
              Intel Xeon E3-1200 Series
              Intel i7-2655-LE Series
              Intel i3-2100 Series
              Westmere EP 0x206c2 0x03 0x0000001f 5/8/2018 Intel Xeon 56xx Series
              Intel Xeon 36xx Series
              Sandy Bridge EP 0x206d7 0x6d 0x00000718 5/21/2019 Intel Pentium 1400 Series
              Intel Xeon E5-1400 Series
              Intel Xeon E5-1600 Series
              Intel Xeon E5-2400 Series
              Intel Xeon E5-2600 Series
              Intel Xeon E5-4600 Series
              Nehalem EX 0x206e6 0x04 0x0000000d 5/15/2018 Intel Xeon 65xx Series
              Intel Xeon 75xx Series
              Westmere EX 0x206f2 0x05 0x0000003b 5/16/2018 Intel Xeon E7-8800 Series
              Intel Xeon E7-4800 Series
              Intel Xeon E7-2800 Series
              Ivy Bridge DT 0x306a9 0x12 0x00000021 2/13/2019 Intel i3-3200 Series
              Intel i7-3500-LE/UE
              Intel i7-3600-QE
              Intel Xeon E3-1200-v2 Series
              Intel Xeon E3-1100-C-v2 Series
              Intel Pentium B925C
              Haswell DT 0x306c3 0x32 0x00000027 2/26/2019 Intel Xeon E3-1200-v3 Series
              Intel i7-4700-EQ Series
              Intel i5-4500-TE Series
              Intel i3-4300 Series
              Ivy Bridge EP 0x306e4 0xed 0x0000042e 3/14/2019 Intel Xeon E5-4600-v2 Series
              Intel Xeon E5-2600-v2 Series
              Intel Xeon E5-2400-v2 Series
              Intel Xeon E5-1600-v2 Series
              Intel Xeon E5-1400-v2 Series
              Ivy Bridge EX 0x306e7 0xed 0x00000715 3/14/2019 Intel Xeon E7-8800/4800/2800-v2 Series
              Haswell EP 0x306f2 0x6f 0x00000043 3/1/2019 Intel Xeon E5-4600-v3 Series
              Intel Xeon E5-2600-v3 Series
              Intel Xeon E5-2400-v3 Series
              Intel Xeon E5-1600-v3 Series
              Intel Xeon E5-1400-v3 Series
              Haswell EX 0x306f4 0x80 0x00000016 6/17/2019 Intel Xeon E7-8800/4800-v3 Series
              Broadwell H 0x40671 0x22 0x00000021 6/13/2019 Intel Core i7-5700EQ
              Intel Xeon E3-1200-v4 Series
              Avoton 0x406d8 0x01 0x0000012d 9/16/2019 Intel Atom C2300 Series
              Intel Atom C2500 Series
              Intel Atom C2700 Series
              Broadwell EP/EX 0x406f1 0xef 0x0b000038 6/18/2019 Intel Xeon E7-8800/4800-v4 Series
              Intel Xeon E5-4600-v4 Series
              Intel Xeon E5-2600-v4 Series
              Intel Xeon E5-1600-v4 Series
              Skylake SP 0x50654 0xb7 0x02000065 9/5/2019 Intel Xeon Platinum 8100 Series
              Intel Xeon Gold 6100/5100, Silver 4100, Bronze 3100 Series
              Intel Xeon D-2100 Series
              Intel Xeon D-1600 Series
              Intel Xeon W-3100 Series
              Intel Xeon W-2100 Series
              Cascade Lake B-0 0x50656 0xbf 0x0400002c 9/5/2019 Intel Xeon Platinum 9200/8200 Series
              Intel Xeon Gold 6200/5200
              Intel Xeon Silver 4200/Bronze 3200
              Intel Xeon W-3200
              Cascade Lake 0x50657 0xbf 0x0500002c 9/5/2019 Intel Xeon Platinum 9200/8200 Series
              Intel Xeon Gold 6200/5200
              Intel Xeon Silver 4200/Bronze 3200
              Intel Xeon W-3200
              Broadwell DE 0x50662 0x10 0x0000001c 6/17/2019 Intel Xeon D-1500 Series
              Broadwell DE 0x50663 0x10 0x07000019 6/17/2019 Intel Xeon D-1500 Series
              Broadwell DE 0x50664 0x10 0x0f000017 6/17/2019 Intel Xeon D-1500 Series
              Broadwell NS 0x50665 0x10 0x0e00000f 6/17/2019 Intel Xeon D-1600 Series
              Skylake H/S 0x506e3 0x36 0x000000cc 4/1/2019 Intel Xeon E3-1500-v5 Series
              Intel Xeon E3-1200-v5 Series
              Denverton 0x506f1 0x01 0x0000002e 3/21/2019 Intel Atom C3000 Series
              Kaby Lake H/S/X 0x906e9 0x2a 0x000000c6 8/14/2019 Intel Xeon E3-1200-v6 Series
              Intel Xeon E3-1500-v6 Series
              Coffee Lake H/S 0x906ea 0x22 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
              Coffee Lake H/S 0x906eb 0x02 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
              Coffee Lake H/S 0x906ec 0x22 0x000000c6 8/14/2019 Intel Xeon E-2100 Series
              Coffee Lake Refresh 0x906ed 0x22 0x000000c6 8/14/2019 Intel Xeon E-2200 Series
            • The following VMware Tools ISO images are bundled with ESXi650-201912002:

              • windows.iso: VMware Tools 11.0.1 ISO image for Windows Vista (SP2) or later
              • linux.iso: VMware Tools 10.3.21 ISO image for Linux OS with glibc 2.5 or later

              The following VMware Tools 10.3.10 ISO images are available for download:

              • solaris.iso : VMware Tools image for Solaris
              • darwin.iso : VMware Tools image for OSX

              Follow the procedures listed in the following documents to download VMware Tools for platforms that are not bundled with ESXi: