Release Date: MAY 14, 2019

Download Filename:

ESXi670-201905001.zip

Build:

13644319

Download Size:

316.2 MB

md5sum:

b419446f895294ffd919885545e691be

sha1checksum:

16e02a13e90fd1aa85d3f2016a652c1fcb3a6a66

Host Reboot Required: Yes

Virtual Machine Migration or Shutdown Required: Yes

Bulletins

Bulletin ID Category Severity
ESXi670-201905401-BG Bugfix Important
ESXi670-201905402-BG Bugfix Important
ESXi670-201905403-BG Bugfix Important

Rollup Bulletin

This rollup bulletin contains the latest VIBs with all the fixes since the initial release of ESXi 6.7.

Bulletin ID Category Severity
ESXi670-201905001 Bugfix Important

Image Profiles

VMware patch and update releases contain general and critical image profiles. Application of the general release image profile applies to new bug fixes.

Image Profile Name
ESXi-6.7.0-20190504001-standard
ESXi-6.7.0-20190504001-no-tools

For more information about the individual bulletins, see the Download Patches page and the Resolved Issues section.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is through the VMware vSphere Update Manager. For details, see the About Installing and Administering VMware vSphere Update Manager.

ESXi hosts can be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command. Additionally, the system can be updated using the image profile and the esxcli software profile command.

For more information, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide.

Resolved Issues

The resolved issues are grouped as follows.

ESXi670-201905401-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_esx-base_6.7.0-2.55.13644319
  • VMware_bootbank_vsanhealth_6.7.0-2.55.13356305
  • VMware_bootbank_esx-update_6.7.0-2.55.13644319
  • VMware_bootbank_vsan_6.7.0-2.55.13356300
PRs Fixed  N/A
Related CVE numbers CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

This patch updates the esx-base, esx-update, vsan and vsanhealth VIBs to resolve the following issue:

  • ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.

    NOTE: At the time of this publication updated Sandy Bridge EP Microcode Updates (MCUs) had not yet been provided to VMware. Customers on this microarchitecture may request MCUs from their hardware vendor in the form of a BIOS update. This microcode will be included in future releases of ESXi.

ESXi670-201905402-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_cpu-microcode_6.7.0-2.55.13644319
PRs Fixed  N/A
Related CVE numbers CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

This patch updates the cpu-microcode VIB to resolve the following issue:

  • ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.

    NOTE: At the time of this publication updated Sandy Bridge EP Microcode Updates (MCUs) had not yet been provided to VMware. Customers on this microarchitecture may request MCUs from their hardware vendor in the form of a BIOS update. This microcode will be included in future releases of ESXi.

  • The cpu-microcode VIB includes the following Intel microcode:
    Code Name FMS Plt ID MCU Rev MCU Date Brand Names
    Nehalem EP 0x106a5 0x03 0x0000001d 5/11/2018 Intel Xeon 35xx Series;
    Intel Xeon 55xx Series
    Lynnfield 0x106e5 0x13 0x0000000a 5/8/2018 Intel Xeon 34xx Lynnfield Series
    Clarkdale 0x20652 0x12 0x00000011 5/8/2018 Intel i3/i5 Clarkdale Series;
    Intel Xeon 34xx Clarkdale Series
    Arrandale 0x20655 0x92 0x00000007 4/23/2018 Intel Core i7-620LE Processor
    Sandy Bridge DT 0x206a7 0x12 0x0000002f 2/17/2019 Intel Xeon E3-1100 Series;
    Intel Xeon E3-1200 Series;
    Intel i7-2655-LE Series;
    Intel i3-2100 Series
    Westmere EP 0x206c2 0x03 0x0000001f 5/8/2018 Intel Xeon 56xx Series;
    Intel Xeon 36xx Series
    Sandy Bridge EP 0x206d7 0x6d 0x00000714 5/8/2018 Intel Pentium 1400 Series;
    Intel Xeon E5-1400 Series;
    Intel Xeon E5-1600 Series;
    Intel Xeon E5-2400 Series;
    Intel Xeon E5-2600 Series;
    Intel Xeon E5-4600 Series
    Nehalem EX 0x206e6 0x04 0x0000000d 5/15/2018 Intel Xeon 65xx Series;
    Intel Xeon 75xx Series
    Westmere EX 0x206f2 0x05 0x0000003b 5/16/2018 Intel Xeon E7-8800 Series;
    Intel Xeon E7-4800 Series;
    Intel Xeon E7-2800 Series
    Ivy Bridge DT 0x306a9 0x12 0x00000021 2/13/2019 Intel i3-3200 Series;
    Intel i7-3500-LE/UE;
    Intel i7-3600-QE;
    Intel Xeon E3-1200-v2 Series;
    Intel Xeon E3-1100-C-v2 Series;
    Intel Pentium B925C
    Haswell DT 0x306c3 0x32 0x00000027 2/26/2019 Intel Xeon E3-1200-v3 Series;
    Intel i7-4700-EQ Series;
    Intel i5-4500-TE Series;
    Intel i3-4300 Series
    Ivy Bridge EP 0x306e4 0xed 0x0000042e 3/14/2019 Intel Xeon E5-4600-v2 Series;
    Intel Xeon E5-2600-v2 Series;
    Intel Xeon E5-2400-v2 Series;
    Intel Xeon E5-1600-v2 Series;
    Intel Xeon E5-1400-v2 Series
    Ivy Bridge EX 0x306e7 0xed 0x00000715 3/14/2019 Intel Xeon E7-8800/4800/2800-v2 Series
    Haswell EP 0x306f2 0x6f 0x00000043 3/1/2019 Intel Xeon E5-4600-v3 Series;
    Intel Xeon E5-2600-v3 Series;
    Intel Xeon E5-2400-v3 Series;
    Intel Xeon E5-1600-v3 Series;
    Intel Xeon E5-1400-v3 Series
    Haswell EX 0x306f4 0x80 0x00000014 3/1/2019 Intel Xeon E7-8800/4800-v3 Series
    Broadwell H 0x40671 0x22 0x00000020 3/7/2019 Intel Core i7-5700EQ;
    Intel Xeon E3-1200-v4 Series
    Avoton 0x406d8 0x01 0x0000012a 1/4/2018 Intel Atom C2300 Series;
    Intel Atom C2500 Series;
    Intel Atom C2700 Series
    Broadwell EP/EX 0x406f1 0xef 0x0b000036 3/2/2019 Intel Xeon E7-8800/4800-v4 Series;
    Intel Xeon E5-4600-v4 Series;
    Intel Xeon E5-2600-v4 Series;
    Intel Xeon E5-1600-v4 Series
    Skylake SP 0x50654 0xb7 0x0200005e 4/2/2019 Intel Xeon Platinum 8100 Series;
    Intel Xeon Gold 6100/5100, Silver 4100, Bronze 3100 Series;
    Intel Xeon D-2100 Series;
    Intel Xeon D-1600 Series;
    Intel Xeon W-3100 Series;
    Intel Xeon W-2100 Series
    Cascade Lake 0x50657 0xbf 0x05000021 2/27/2019 Intel Xeon Platinum 9200/8200 Series;
    Intel Xeon Gold 6200/5200;
    Intel Xeon Silver 4200/Bronze 3200;
    Intel Xeon W-3200
    Broadwell DE 0x50662 0x10 0x0000001a 3/23/2019 Intel Xeon D-1500 Series
    Broadwell DE 0x50663 0x10 0x07000017 3/23/2019 Intel Xeon D-1500 Series
    Broadwell DE 0x50664 0x10 0x0f000015 3/23/2019 Intel Xeon D-1500 Series
    Broadwell NS 0x50665 0x10 0x0e00000d 3/23/2019 Intel Xeon D-1600 Series
    Skylake H/S 0x506e3 0x36 0x000000cc 4/1/2019 Intel Xeon E3-1500-v5 Series;
    Intel Xeon E3-1200-v5 Series
    Denverton 0x506f1 0x01 0x0000002e 3/21/2019 Intel Atom C3000 Series
    Kaby Lake H/S/X 0x906e9 0x2a 0x000000b4 4/1/2019 Intel Xeon E3-1200-v6 Series;
    Intel Xeon E3-1500-v6 Series
    Coffee Lake H/S 0x906ea 0x22 0x000000b4 4/1/2019 Intel Xeon E-2100 Series
    Coffee Lake H/S 0x906eb 0x02 0x000000b4 4/1/2019 Intel Xeon E-2100 Series
    Coffee Lake H/S 0x906ec 0x22 0x000000ae 2/14/2019 Intel Xeon E-2100 Series
    Coffee Lake Refresh 0x906ed 0x22 0x000000b8 3/17/2019 Intel Xeon E-2200 Series
ESXi670-201905403-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required No
Virtual Machine Migration or Shutdown Required No
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_esx-ui_1.33.3-13454473
PRs Fixed  2331401
Related CVE numbers N/A

This patch updates the esx-ui VIB to resolve the following issue:

  • PR 2331401: You cannot send keys to the guest OS by using the drop-down list in the VMware Remote Console

    You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.

    This issue is resolved in this release.

ESXi-6.7.0-20190504001-standard
Profile Name ESXi-6.7.0-20190504001-standard
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date May 14, 2019
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-base_6.7.0-2.55.13644319
  • VMware_bootbank_vsanhealth_6.7.0-2.55.13356305
  • VMware_bootbank_esx-update_6.7.0-2.55.13644319
  • VMware_bootbank_vsan_6.7.0-2.55.13356300
  • VMware_bootbank_cpu-microcode_6.7.0-2.55.13644319
  • VMware_bootbank_esx-ui_1.33.3-13454473
PRs Fixed 2331401 
Related CVE numbers N/A
  • This patch updates the following issues:
    • ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.

    • You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.

ESXi-6.7.0-20190504001-no-tools
Profile Name ESXi-6.7.0-20190504001-no-tools
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date May 14, 2019
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-base_6.7.0-2.55.13644319
  • VMware_bootbank_vsanhealth_6.7.0-2.55.13356305
  • VMware_bootbank_esx-update_6.7.0-2.55.13644319
  • VMware_bootbank_vsan_6.7.0-2.55.13356300
  • VMware_bootbank_cpu-microcode_6.7.0-2.55.13644319
  • VMware_bootbank_esx-ui_1.33.3-13454473
PRs Fixed 2331401 
Related CVE numbers N/A
  • This patch updates the following issues:
    • ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.

    • You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.

check-circle-line exclamation-circle-line close-line
Scroll to top icon