Portal Home > Knowledgebase > VMware Knowledge Base > ESX Server 3.5, Patch ESX350-200805501-BG: Updates to VMkernel and Multiple RPMs

ESX Server 3.5, Patch ESX350-200805501-BG: Updates to VMkernel and Multiple RPMs


Details

Release Date: 03 JUNE 2008 
Document Last Updated: 03 JUNE 2008

 

Download Size: 
205 MB 
Download Filename: 
ESX350-200805501-BG.zip 
md5sum: 
31a620aa249c593c30015b5b6f8c8650

Product VersionsESX Server 3.5
Patch ClassificationCritical, Security
SupersedesESX350-200712409-BG, ESX350-200712410-BG, ESX350-200802401-BG, ESX350-200802411-BG, ESX350-200802412-BG, ESX350-200803202-UG, ESX350-200804401-BG, ESX350-200804402-BG, ESX350-200804403-BG
RequiresESX350-200805502-BG
Virtual Machine Migration or Reboot RequiredYes
ESX Server Host Reboot RequiredYes
PRs Fixed244313, 244316, 259537, 259574, 240167, 249259, 257330, 245837, 222693, 254703, 247845, 246346, 202510, 241474, 186833, 249223, 226278, 203511, 144382, 225506
Affected HardwareNIC drivers with MSI/MSI-x enabled
Affected Software
  • Guest operating systems configured with N_Port ID Virtualization (NPIV)
  • Windows 2008 guest operating systems
     
  • Solaris 10 Update 4, 64-bit virtual machines
     
RPMs Included
VMware-esx-apps
VMware-esx-tools
VMware-esx-vmkctl 
VMware-esx-vmkernel
VMware-esx-vmx
VMware-hostd-esx
Related CVE numbersCVE-2008-2100

 

Solution

Summaries and Symptoms

Issues fixed in this patch (and their relevant symptoms, if applicable) include:
  • Buffer overflow vulnerabilities are present in the VIX API. Exploitation of these vulnerabilities might result in code execution on the host system or on the service console in ESX Server from the guest operating system.  (PRs 244313, 244316, 259537, 259574)

    The VIX API (also known as "Vix") is an API that lets users write scripts and programs to manipulate virtual machines. It is high-level, easy to use, and practical for both script developers and application programmers.

    The VIX API can be enabled and disabled using the vix.inGuest.enable setting in the VMware configuration file. This default value for this setting is "disabled."

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-2100 to this issue.

  • Suspending Windows 2008 virtual machines that are in standby mode might cause these virtual machines to crash. (PR 240167)

  • Increased the default memory and disk sizes for Windows Server 2008 guest operating systems to prevent possible performance or installation issues. (PR 249259) 

    • The recommended memory has been changed from 1G to 2G for both 32-bit and 64-bit guests.

    • The minimum memory remains the same for both at 512MB.

    • The maximum memory remains the same for both at 64GB.

    • The recommended disk space has been changed to 40GB from 24GB (64-bit guests) and 16GB (32-bit guests).

  • Solaris 10 Update 4, 64-bit graphical installation failed with the default virtual machine RAM size of 512MB. The default RAM size for a Sun Solaris 10 (64-bit) virtual machine is now 580MB. (PR 257330)

    Symptoms:

    • The X server starts and remains displaying the root window (no X clients) for five to ten minutes, then quits and returns you to the text console.

    • The X server starts and crashes shortly thereafter with various X server errors. 

  • Performance improvements in VMkernel IOAPIC writes. (PR 245837)

  • Missing punctuation in some paragraphs that describe network configuration options, found in the Advanced Settings dialog box. (PR 222693)

  • Potential crash (PSOD) in the VMkernel LVM driver. (PR 254703)

    Symptoms: In the presence of spanned volumes that are in use, rare error conditions that might happen when a rescan is performed might cause the system to crash (PSOD).

  • Certain malicious or flawed guest drivers can cause a VMkernel crash (PSOD). (PR 247845)

  • VMware NetQueue does not work properly with some NIC drivers when MSI/MSI-x is enabled. (PR 246346)

  • Device ID informational logs (VMWARE SCSI Id:) sometimes exceeded the maximum length, which prevented log scrolling on logterm. (PR 202510)

    Symptoms: This situation could cause a serial port listener to stall.

  • ESX Server panics while powering on a virtual machine configured with NPIV, when the system is running multiple virtual machines configured with NPIV. (PR 241474)

  • Optimize VMotion IGMP reconnection lag. (PR 186833)

    Symptoms: IGMP users formerly lost connectivity to their IGMP applications as a result of a VMotion or teaming failover for up to 1 minute (or more depending on how often the IGMP router is configured to send IGMP General Queries). This change makes the IGMP downtime similar to normal VMotion downtime, which should not be more than a few seconds.

  • After changing the CPU affinity for a virtual machine (from the VI Client by choosing Edit Settings > Resources >Advanced CPU), the virtual machine no longer needs to be powered off and on again for the change to take effect. (PR 249223)

  • The esxcfg-vswif man page now includes the following information. In order for the command esxcfg-vswif -cto work, vswif must be enabled. (PR 226278)

  • The manual page of esxcfg-vswif now describes the -s option as the short form of --disable, and the -D option as the short form of --disable-all(PR 203511)

  • A fix to allow the vm-support script to upload all the data it collects from a Windows guest to the virtual machine's log file,vmware.log. (PR 144382)

  • An error message now displays to alert users that connecting to a remote client device from a Linux guest's VMware Tools is not possible. (PR 225506)

     

Deployment Considerations

This bundle contains a VMkernel compatibility fix and therefore should not be installed with the esxupdate command's --noreboot option. The ESX Server system must be rebooted immediately after this bundle is installed.
 
Also, manually restarting hostd after applying this bundle with --noreboot will fail. To recover from this mistake, reboot the host

Based on VMware KB 1004637

Also Read

Language: