Denial of Service vulnerability in ESXi – July 2019

There is a new vulnerability on ESXi that allows attackers to make ESXi server unresponsive and ESXi management functionality will be unavailable. It seems, there is no affect on virtual machine but it will cause of hostd service unresponsive.

It’s recommended that protect ESXi servers by customizing firewall rules and allows trusted clients because multiple logon attempts may be generated by attacker.

If your servers were under attack, then you should restart hostd service and reboot is not necessary.

Workarounds

The below KB describes the workaround for issue:

https://kb.vmware.com/s/article/67920

Resulotion

This issue affecting ESXi 6.5 and 6.7. Patch is pending for ESXi 6.7 at this time but there is a patch for ESXi 6.5. ESXi 6.0 is not affected.

ProductVersionRunning OnCVE IdentifierCVSSV3SeverityFixed VersionWorkaroundsAdditional Documents
ESXi6.7AnyCVE-2019-5528
5.3ModeratePatch Pendingkb67920None
ESXi6.5AnyCVE-2019-5528
5.3ModerateESXi650-201907201-UGkb67920None
ESXi6.0AnyCVE-2019-5528
N/AN/AUnaffectedN/AN/A

Further Reading

ESXi Fails with “Corruption in dlmalloc” on HPE Server

[Script]: Enable/Disable vMotion on VMKernel Ports via PowerCLI

Why Device Bay IP Doesn’t Change in HPE BladeSystem?

Davoud Teimouri

Davoud Teimouri is as a professional blogger, vExpert 2015/2016/2017/2018/2019, VCA, MCITP. This blog is started with simple posts and now, it has large following readers.

Leave a Reply

Your email address will not be published. Required fields are marked *