This site will be decommissioned on December 31st 2024. After that date content will be available at techdocs.broadcom.com.

Release Date: 06 October, 2022

What's in the Release Notes

The release notes cover the following topics:

Build Details

Download Filename: ESXi650-202210001.zip
Build: 20502893
Download Size: 469.5 MB
md5sum: bbb016b86a11df536ae8eac16a2c0403
sha256checksum: 7dda11bfdc8beb0627abfe46ca7f4b8c6debc71a1cb145a1aff5566837cf9d8e
Host Reboot Required: Yes
Virtual Machine Migration or Shutdown Required: Yes

Bulletins

Bulletin ID Category Severity
ESXi650-202210401-BG Bugfix Important
ESXi650-202210402-BG Bugfix Important
ESXi650-202210101-SG Security Important
ESXi650-202210102-SG Security Important

Rollup Bulletin

This rollup bulletin contains the latest VIBs with all the fixes since the initial release of ESXi 6.5.

Bulletin ID Category Severity
ESXi650-202210001 Bugfix Important

IMPORTANT: For clusters using VMware vSAN, you must first upgrade the vCenter Server system. Upgrading only ESXi is not supported.
Before an upgrade, always verify in the VMware Product Interoperability Matrix compatible upgrade paths from earlier versions of ESXi, vCenter Server and vSAN to the current version.

Image Profiles

VMware patch and update releases contain general and critical image profiles. Application of the general release image profile applies to new bug fixes.

Image Profile Name
ESXi-6.5.0-20221004001-standard
ESXi-6.5.0-20221004001-no-tools
ESXi-6.5.0-20221001001s-standard
ESXi-6.5.0-20221001001s-no-tools

For more information about the individual bulletins, see the Download Patches page and the Resolved Issues section.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is by using the VMware vSphere Update Manager. For details, see About Installing and Administering VMware vSphere Update Manager.

ESXi hosts can be updated by manually downloading the patch ZIP file from VMware Customer Connect. Navigate to Products and Accounts > Product Patches. From the Select a Product drop-down menu, select ESXi (Embedded and Installable) and from the Select a Version drop-down menu, select 6.5.0. Install VIBs by using the esxcli software vib update command. Additionally, the system can be updated by using the image profile and the esxcli software profile update command. For more information, see vSphere Command-Line Interface Concepts and Examples and vSphere Upgrade Guide.

Resolved Issues

The resolved issues are grouped as follows.

ESXi650-202210401-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_vsanhealth_6.5.0-3.195.20330361
  • VMware_bootbank_vsan_6.5.0-3.195.20330358
  • VMware_bootbank_esx-base_6.5.0-3.195.20502893
  • VMware_bootbank_esx-tboot_6.5.0-3.195.20502893
PRs Fixed  2976624
Related CVE numbers N/A

This patch updates esx-baseesx-tboot, vsan, and vsanhealth VIBs to resolve the following issues:

  • PR 2976624: When using VMFS snapshots, you might see repeated resets or slow Windows boot time

    Due to the slow execution of getLbaStatus command in some environments, when you use VMFS snapshots, you might see repeated resets or slow Windows boot time. Depending on size of the disk, you might also see VMs to occasionally become unresponsive. The issue is primarily seen on VMs with Windows version 1809 and later that have VMFS snapshots.

    This issue is resolved in this release.

ESXi650-202210402-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMW_bootbank_ntg3_4.1.8.0-4vmw.650.3.195.20502893
PRs Fixed  3004249
Related CVE numbers N/A

This patch updates the ntg3 VIB to resolve the following issue:

  • PR 3004249: You see link flapping on NICs that use the ntg3 driver of version 4.1.3 and later

    When two NICs that use the ntg3 driver of versions 4.1.3 and later are connected directly, not to a physical switch port, link flapping might occur. The issue does not occur on ntg3 drivers of versions earlier than 4.1.3 or the tg3 driver. This issue is not related to the occasional Energy Efficient Ethernet (EEE) link flapping on such NICs. The fix for the EEE issue is to use an ntg3 driver of version 4.1.7 or later, or disable EEE on physical switch ports.

    This issue is resolved in this release. ESXi650-202210001 comes with ntg3 driver version 4.1.8. However, after you upgrade the ntg3 driver to version 4.1.8, you must set the new module parameter noPhyStateSet to 1. The noPhyStateSet parameter defaults to 0 and is not required in most environments, except they face the issue.

ESXi650-202210101-SG
Patch Category Security
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_esx-tboot_6.5.0-3.191.20448942
  • VMware_bootbank_esx-base_6.5.0-3.191.20448942
  • VMware_bootbank_vsanhealth_6.5.0-3.191.20076036
  • VMware_bootbank_vsan_6.5.0-3.191.20076035
PRs Fixed  2992266, 2992285, 2992295, 3001356, 3004414
Related CVE numbers N/A

This patch updates esx-baseesx-tboot, vsan, and vsanhealth VIBs to resolve the following issues:

    • ESXi650-202210001 provides the following security updates:

      cURL is updated to version 7.84.0.
      The OpenSSL library is updated to versions 1.0.2zf.
      The SQLite database is updated to version 3.39.0.
      The zlib library is updated to version 1.2.12.

    • This release resolves CVE-2022-31681. For more information on this vulnerability and its impact on VMware products, see VMSA-2022-0025.

    • This release resolves CVE-2018-5733. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.
       

ESXi650-202210102-SG
Patch Category Security
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_locker_tools-light_6.5.0-3.191.20448942
PRs Fixed  3015672
Related CVE numbers N/A

This patch updates the tools-light VIBs to resolve the following issue:

    • The following VMware Tools ISO images are bundled with ESXi 650-202210001:
      • windows.iso: VMware Tools 12.0.6 supports Windows 7 SP1 or Windows Server 2008 R2 SP1 and later.
      • linux.iso: VMware Tools 10.3.24 ISO image for Linux OS with glibc 2.11 or later.

      The following VMware Tools ISO images are available for download:

      • VMware Tools 10.0.12:
        • winPreVista.iso: for Windows 2000, Windows XP, and Windows 2003.
        • linuxPreGLibc25.iso: for Linux OS with a glibc version less than 2.5.
           
      • VMware Tools 11.0.6:
        • windows.iso: for Windows Vista (SP2) and Windows Server 2008 Service Pack 2 (SP2).
           
      • solaris.iso: VMware Tools image 10.3.10 for Solaris.
      • darwin.iso: Supports Mac OS X versions 10.11 and later.

      Follow the procedures listed in the following documents to download VMware Tools for platforms not bundled with ESXi:

ESXi-6.5.0-20221004001-standard
Profile Name ESXi-6.5.0-20221004001-standard
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date October 06, 2022
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_vsanhealth_6.5.0-3.195.20330361
  • VMware_bootbank_vsan_6.5.0-3.195.20330358
  • VMware_bootbank_esx-base_6.5.0-3.195.20502893
  • VMware_bootbank_esx-tboot_6.5.0-3.195.20502893
  • VMW_bootbank_ntg3_4.1.8.0-4vmw.650.3.195.20502893
PRs Fixed 2976624, 3004249
Related CVE numbers N/A
    • When two NICs that use the ntg3 driver of versions 4.1.3 and later are connected directly, not to a physical switch port, link flapping might occur. The issue does not occur on ntg3 drivers of versions earlier than 4.1.3 or the tg3 driver. This issue is not related to the occasional Energy Efficient Ethernet (EEE) link flapping on such NICs. The fix for the EEE issue is to use an ntg3 driver of version 4.1.7 or later, or disable EEE on physical switch ports.

    • Due to the slow execution of getLbaStatus command in some environments, when you use VMFS snapshots, you might see repeated resets or slow Windows boot time. Depending on size of the disk, you might also see VMs to occasionally become unresponsive. The issue is primarily seen on VMs with Windows version 1809 and later that have VMFS snapshots.

ESXi-6.5.0-20221004001-no-tools
Profile Name ESXi-6.5.0-20221004001-no-tools
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date October 06, 2022
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_vsanhealth_6.5.0-3.195.20330361
  • VMware_bootbank_vsan_6.5.0-3.195.20330358
  • VMware_bootbank_esx-base_6.5.0-3.195.20502893
  • VMware_bootbank_esx-tboot_6.5.0-3.195.20502893
  • VMW_bootbank_ntg3_4.1.8.0-4vmw.650.3.195.20502893
PRs Fixed 2976624, 3004249
Related CVE numbers N/A
    • When two NICs that use the ntg3 driver of versions 4.1.3 and later are connected directly, not to a physical switch port, link flapping might occur. The issue does not occur on ntg3 drivers of versions earlier than 4.1.3 or the tg3 driver. This issue is not related to the occasional Energy Efficient Ethernet (EEE) link flapping on such NICs. The fix for the EEE issue is to use an ntg3 driver of version 4.1.7 or later, or disable EEE on physical switch ports.

    • Due to the slow execution of getLbaStatus command in some environments, when you use VMFS snapshots, you might see repeated resets or slow Windows boot time. Depending on size of the disk, you might also see VMs to occasionally become unresponsive. The issue is primarily seen on VMs with Windows version 1809 and later that have VMFS snapshots.

ESXi-6.5.0-20221001001s-standard
Profile Name ESXi-6.5.0-20221001001s-standard
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date October 06, 2022
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-tboot_6.5.0-3.191.20448942
  • VMware_bootbank_esx-base_6.5.0-3.191.20448942
  • VMware_bootbank_vsanhealth_6.5.0-3.191.20076036
  • VMware_bootbank_vsan_6.5.0-3.191.20076035
  • VMware_locker_tools-light_6.5.0-3.191.20448942
PRs Fixed 2992266, 2992285, 2992295, 3001356, 3004414, 3015672
Related CVE numbers N/A
    • ESXi650-202210001 provides the following security updates:

      cURL is updated to version 7.84.0.
      The OpenSSL library is updated to versions 1.0.2zf.
      The SQLite database is updated to version 3.39.0.
      The zlib library is updated to version 1.2.12.

    • This release resolves CVE-2022-31681. For more information on this vulnerability and its impact on VMware products, see VMSA-2022-0025.

    • This release resolves CVE-2018-5733. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.

    • The following VMware Tools ISO images are bundled with ESXi 650-202210001:
      • windows.iso: VMware Tools 12.0.6 supports Windows 7 SP1 or Windows Server 2008 R2 SP1 and later.
      • linux.iso: VMware Tools 10.3.24 ISO image for Linux OS with glibc 2.11 or later.

      The following VMware Tools ISO images are available for download:

      • VMware Tools 10.0.12:
        • winPreVista.iso: for Windows 2000, Windows XP, and Windows 2003.
        • linuxPreGLibc25.iso: for Linux OS with a glibc version less than 2.5.
           
      • VMware Tools 11.0.6:
        • windows.iso: for Windows Vista (SP2) and Windows Server 2008 Service Pack 2 (SP2).
           
      • solaris.iso: VMware Tools image 10.3.10 for Solaris.
      • darwin.iso: Supports Mac OS X versions 10.11 and later.

      Follow the procedures listed in the following documents to download VMware Tools for platforms not bundled with ESXi:

ESXi-6.5.0-20221001001s-no-tools
Profile Name ESXi-6.5.0-20221001001s-no-tools
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date October 06, 2022
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-tboot_6.5.0-3.191.20448942
  • VMware_bootbank_esx-base_6.5.0-3.191.20448942
  • VMware_bootbank_vsanhealth_6.5.0-3.191.20076036
  • VMware_bootbank_vsan_6.5.0-3.191.20076035
  • VMware_locker_tools-light_6.5.0-3.191.20448942
PRs Fixed 2992266, 2992285, 2992295, 3001356, 3004414
Related CVE numbers N/A
    • ESXi650-202210001 provides the following security updates:

      cURL is updated to version 7.84.0.
      The OpenSSL library is updated to versions 1.0.2zf.
      The SQLite database is updated to version 3.39.0.
      The zlib library is updated to version 1.2.12.

    • This release resolves CVE-2022-31681. For more information on this vulnerability and its impact on VMware products, see VMSA-2022-0025.

    • This release resolves CVE-2018-5733. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.

Known Issues from Previous Releases

To view a list of previous known issues, click here.

check-circle-line exclamation-circle-line close-line
Scroll to top icon