Details
Profile NameESXi-5.5.0-20180904001-standardBuildFor build information, see KB 57478.VendorVMware, Inc.Release DateSeptember 13, 2018Acceptance LevelPartnerSupportedAffected HardwareN/AAffected SoftwareN/AAffected VIBs
VMware_bootbank_esx-base_5.5.0-3.124.9919047VMware_bootbank_ipmi-ipmi-devintf_39.1-4vmw.550.3.124.9919047VMware_bootbank_ipmi-ipmi-si-drv_39.1-4vmw.550.3.124.9919047
PRs Fixed1833719, 1895743, 2010527, 2027063, 2078747, 2107697, 2120513, 2147702, 1980599Related CVE numbersN/A
Solution
Summaries and Symptoms
This patch updates the following issue:
When a Linux virtual machine configured to use EFI firmware reboots, the operating system might stop responding during a consecutive boot. This is more likely to occur upon a third or subsequent reboot and if the virtual machine is configured with at least several gigabytes of RAM. For more information, see VMware knowledge base article https://kb.vmware.com/s/article/52792.A high rate of InternalStatsCollector query tasks might cause the ESXi service hostd to run out of memory and fail.If an invalid advanced kernel option is queried with the method OptionManger.queryView(), this might result in a memory leak. In such situation, all subsequent requests for advanced kernel options result in more memory leaks. These leaks might eventually fail hostd with an out-of-memory error.The OpenSSH version is updated to 7.5p1.High number of event tasks, specifically multiple EventHistoryCollector tasks, might exceed the memory limit of the hostd process and make it fail intermittently.If you use the Managed Object Browser and run any third party security scanner, you might not see the following HTTP security headers: Content-Security-Policy, Strict-Transport-Security and X-Content-Type-Options.Due to a memory leak, the IPMI driver might stop responding to queries. As a result, the hardware status of ESXi hosts might display as blank and the heap memory of the IPMI driver might be exhausted.
Deployment Considerations
None beyond the required patch bundles and reboot information listed in the table above.
Patch Download and Installation
An ESXi system can be updated using the image profile, by using the esxcli software profile command. For details, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide. ESXi hosts can also be updated by manually downloading the patch ZIP file from the Patch Manager Download Portal and installing the VIB by using the esxcli software vibcommand.
