This site will be decommissioned on December 31st 2024. After that date content will be available at techdocs.broadcom.com.

ESXi 7.0 Update 2e | 15 FEB 2022 | Build 19290878

Check for additions and updates to these release notes.

What's in the Release Notes

IMPORTANT: ESXi 7.0 Update 2e delivers fixes for CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, and CVE-2021-22043. If you do not plan to update your environment to ESXi 7.0 Update 3c (build # 19193900), use ESXi 7.0 Update 2e to update your ESXi hosts of version 7.0 Update 2d (build # 18538813) and earlier with these security fixes. 
The supported update path from ESXi 7.0 Update 2e is to ESXi 7.0 Update 3c or later. The upgrade path from ESXi 6.5.x and ESXi 6.7.x to ESXi 7.0 Update 2e is not supported. For supported upgrade paths from ESXi 6.5.x and 6.7.x to ESXi 7.x versions, see VMware knowledge base article 67077.

The release notes cover the following topics:

What's New

  • ESXi 7.0 Update 2е resolves CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, and CVE-2021-22043. For more information on these vulnerabilities and their impact on VMware products, see VMSA-2022-0004.

Earlier Releases of ESXi 7.0

New features, resolved, and known issues of ESXi are described in the release notes for each release. Release notes for earlier releases of ESXi 7.0 are:

For internationalization, compatibility, and open source components, see the VMware vSphere 7.0 Release Notes.

Patches Contained in This Release

This release of ESXi 7.0 Update 2e delivers the following patches:

Build Details

Download Filename: VMware-ESXi-7.0U2e-19290878-depot
Build: 19290878
Download Size: 391.0 MB
md5sum: a866ad94d04be2fcadc385b31b1fc804
sha256checksum: 95ec97007c3c021ed6d4380502c74ac2d6cade11460c5c0d6f19cc5959ca7f01
Host Reboot Required: Yes
Virtual Machine Migration or Shutdown Required: Yes

For a table of build numbers and versions of VMware vCenter Server, see VMware knowledge base article 2143838.

Components

Component Bulletin Category Severity
ESXi Component - core ESXi VIBs ESXi_7.0.2-0.30.19290878 Security Important
ESXi Install/Upgrade Component esx-update_7.0.2-0.30.19290878 Security Important

IMPORTANT:

  • To download the ESXi 7.0 Update 2e patch offline depot ZIP file from VMware Customer Connect, you must navigate to Products and Accounts > Product Patches. From the Select a Product drop-down menu, select ESXi (Embedded and Installable) and from the Select a Version drop-down menu, select 7.0.
  • Starting with vSphere 7.0, VMware uses components for packaging VIBs along with bulletins. The ESXi and esx-update bulletins are dependent on each other. Always include both in a single ESXi host patch baseline or include the rollup bulletin in the baseline to avoid failure during host patching. 
  • When patching ESXi hosts by using VMware Update Manager from a version prior to ESXi 7.0 Update 2, it is strongly recommended to use the rollup bulletin in the patch baseline. If you cannot use the rollup bulletin, be sure to include all of the following packages in the patching baseline. If the following packages are not included in the baseline, the update operation fails:
    • VMware-vmkusb_0.1-1vmw.701.0.0.16850804 or higher
    • VMware-vmkata_0.1-1vmw.701.0.0.16850804 or higher
    • VMware-vmkfcoe_1.0.0.2-1vmw.701.0.0.16850804 or higher
    • VMware-NVMeoF-RDMA_1.0.1.2-1vmw.701.0.0.16850804 or higher

Rollup Bulletin

This rollup bulletin contains the latest VIBs with all the fixes after the initial release of ESXi 7.0.

Bulletin ID Category Severity
ESXi70U2e-19290878 Security Critical

Image Profiles

VMware patch and update releases contain general and critical image profiles. Application of the general release image profile applies to new bug fixes.

Image Profile Name
ESXi-7.0U2e-19290878-standard
ESXi-7.0U2e-19290878-no-tools

ESXi Image

Name and Version Release Date Category Detail
ESXi70U2e-19290878 02/15/2022 Security Security image

For information about the individual components and bulletins, see the Product Patches page and the Resolved Issues section.

Patch Download and Installation

In vSphere 7.0.x, the Update Manager plug-in, used for administering vSphere Update Manager, is replaced with the Lifecycle Manager plug-in. Administrative operations for vSphere Update Manager are still available under the Lifecycle Manager plug-in, along with new capabilities for vSphere Lifecycle Manager.
The typical way to apply patches to ESXi 7.0.x hosts is by using the vSphere Lifecycle Manager. For details, see About vSphere Lifecycle Manager and vSphere Lifecycle Manager Baselines and Images.
You can also update ESXi hosts without using the Lifecycle Manager plug-in, and use an image profile instead. To do this, you must manually download the patch offline bundle ZIP file from the Product Patches page and use the esxcli software profile update command.
For more information, see the Upgrading Hosts by Using ESXCLI Commands and the VMware ESXi Upgrade guide.

Resolved Issues

The resolved issues are grouped as follows.

ESXi_7.0.2-0.30.19290878
Patch Category Security
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_esx-dvfilter-generic-fastpath_7.0.2-0.30.19290878
  • VMware_bootbank_cpu-microcode_7.0.2-0.30.19290878
  • VMware_bootbank_clusterstore_7.0.2-0.30.19290878
  • VMware_bootbank_vdfs_7.0.2-0.30.19290878
  • VMware_bootbank_crx_7.0.2-0.30.19290878
  • VMware_bootbank_vsan_7.0.2-0.30.19290878
  • VMware_bootbank_gc_7.0.2-0.30.19290878
  • VMware_bootbank_native-misc-drivers_7.0.2-0.30.19290878
  • VMware_bootbank_esx-base_7.0.2-0.30.19290878
  • VMware_bootbank_esx-xserver_7.0.2-0.30.19290878
  • VMware_bootbank_vsanhealth_7.0.2-0.30.19290878
PRs Fixed N/A
CVE numbers CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043

The ESXi and esx-update bulletins are dependent on each other. Always include both in a single ESXi host patch baseline or include the rollup bulletin in the baseline to avoid failure during host patching.
Updates the esx-dvfilter-generic-fastpath, vsanhealth, vdfs, vsan, esx-base, crx, native-misc-drivers, esx-xserver, gc and cpu-microcode VIBs to resolve the following issue:

  • This release resolves CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, and CVE-2021-22043. For more information on these vulnerabilities and their impact on VMware products, see VMSA-2022-0004.

esx-update_7.0.2-0.30.19290878
Patch Category Security
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A

VIBs Included

  • VMware_bootbank_esx-update_7.0.2-0.30.19290878
  • VMware_bootbank_loadesx_7.0.2-0.30.19290878
PRs Fixed  N/A
CVE numbers N/A

Updates the loadesx and esx-update VIBs.

    ESXi-70U2e-19290878-standard
    Profile Name ESXi-70U2e-19290878-standard
    Build For build information, see Patches Contained in this Release.
    Vendor VMware, Inc.
    Release Date February 15, 2022
    Acceptance Level PartnerSupported
    Affected Hardware N/A
    Affected Software N/A
    Affected VIBs
    • VMware_bootbank_esx-dvfilter-generic-fastpath_7.0.2-0.30.19290878
    • VMware_bootbank_cpu-microcode_7.0.2-0.30.19290878
    • VMware_bootbank_clusterstore_7.0.2-0.30.19290878
    • VMware_bootbank_vdfs_7.0.2-0.30.19290878
    • VMware_bootbank_crx_7.0.2-0.30.19290878
    • VMware_bootbank_vsan_7.0.2-0.30.19290878
    • VMware_bootbank_gc_7.0.2-0.30.19290878
    • VMware_bootbank_native-misc-drivers_7.0.2-0.30.19290878
    • VMware_bootbank_esx-base_7.0.2-0.30.19290878
    • VMware_bootbank_esx-xserver_7.0.2-0.30.19290878
    • VMware_bootbank_vsanhealth_7.0.2-0.30.19290878
    • VMware_bootbank_esx-update_7.0.2-0.30.19290878
    • VMware_bootbank_loadesx_7.0.2-0.30.19290878
    PRs Fixed N/A
    Related CVE numbers CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043
    • This patch updates the following issue:
      • This release resolves CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, and CVE-2021-22043. For more information on these vulnerabilities and their impact on VMware products, see VMSA-2022-0004.

    ESXi-70U2e-19290878-no-tools
    Profile Name ESXi-70U2e-19290878-no-tools
    Build For build information, see Patches Contained in this Release.
    Vendor VMware, Inc.
    Release Date February 15, 2022
    Acceptance Level PartnerSupported
    Affected Hardware N/A
    Affected Software N/A
    Affected VIBs
    • VMware_bootbank_esx-dvfilter-generic-fastpath_7.0.2-0.30.19290878
    • VMware_bootbank_cpu-microcode_7.0.2-0.30.19290878
    • VMware_bootbank_clusterstore_7.0.2-0.30.19290878
    • VMware_bootbank_vdfs_7.0.2-0.30.19290878
    • VMware_bootbank_crx_7.0.2-0.30.19290878
    • VMware_bootbank_vsan_7.0.2-0.30.19290878
    • VMware_bootbank_gc_7.0.2-0.30.19290878
    • VMware_bootbank_native-misc-drivers_7.0.2-0.30.19290878
    • VMware_bootbank_esx-base_7.0.2-0.30.19290878
    • VMware_bootbank_esx-xserver_7.0.2-0.30.19290878
    • VMware_bootbank_vsanhealth_7.0.2-0.30.19290878
    • VMware_bootbank_esx-update_7.0.2-0.30.19290878
    • VMware_bootbank_loadesx_7.0.2-0.30.19290878
    PRs Fixed N/A
    Related CVE numbers CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043
    • This patch updates the following issue:
      • This release resolves CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, and CVE-2021-22043. For more information on these vulnerabilities and their impact on VMware products, see VMSA-2022-0004.

    ESXi Image - ESXi70U2e-19290878
    Name ESXi
    Version 70U2e-19290878
    Release Date February 15, 2022
    Category Security
    Affected Components​
    • ESXi
    • ESXi Install/Upgrade Component
    PRs Fixed  N/A
    Related CVE numbers CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043

      Known Issues from Earlier Releases

      To view a list of previous known issues, click here.

      check-circle-line exclamation-circle-line close-line
      Scroll to top icon