VMware ESXi 6.5 patch upgrade

Enterprise 2021-04-01 18:08:31 views: null

1. Background

esxi 6.5 has a vulnerability, number CVE-2020-3992, vulnerability description: VMwareESXiOpenSLP remote code execution vulnerability (CVE-2020-3992). When the hacker is in the management network (management network), a user-after-free vulnerability of the OpenSLP service can be triggered through port 427 to execute arbitrary code remotely.

In order to fix the vulnerability, it was decided to perform an upgrade operation.

2. Environmental description

ip address esxi version Current build number Target build number Patch
172.27.34.90 6.5 4887370 17477841 ESXi650-202102001.zip

Three, version view

1. View the internal version number

"Help"-"About"

image-20210331155522410

The current internal version number is 4887370

2. View all versions

https://kb.vmware.com/s/article/2143832?lang=en_us

3. Current version

image-20210331160553981

The internal version 4887370 corresponds to ESXi 6.5.0 a

4. Target version

image-20210401095038321

Checking the target version is to confirm the download of the patch package. Here, the latest version is selected as the target version ESXi 6.5 P06, and the corresponding internal version is 17477841

Four, patch download

Patch package download address:

https://my.vmware.com/group/vmware/patch#search

image-20210331161304124

Download the latest patch package corresponding to esxi 6.5

Five, close the virtual machine

image-20210331161419783

The virtual machine needs to be shut down before the upgrade

Six, upload the patch package

image-20210331161922993

image-20210331164811354

image-20210331164905918

Upload the patch package via "Data Storage Browser"

Seven, enter the maintenance mode

image-20210331164942783

image-20210331165000967

image-20210331165026249

Patch upgrades need to be performed in maintenance mode

Eight, open the command line mode

1. Enable ssh

image-20210331165430781

2. Use crt to remotely log in to the system

image-20210331165814782

Nine, version upgrade

[root@localhost:/vmfs/volumes/5df883d8-7aaba396-fca3-5cf3fc4e4d40] pwd
/vmfs/volumes/datastore1
[root@localhost:/vmfs/volumes/5df883d8-7aaba396-fca3-5cf3fc4e4d40] ls -l|grep 2021
-rw-r--r--    1 root     root     483794868 Mar 31 08:49 ESXi650-202102001.zip
[root@localhost:/vmfs/volumes/5df883d8-7aaba396-fca3-5cf3fc4e4d40] esxcli software vib install -d "/vmfs/volumes/datastore1/ESXi650-202102001.zip" --no-sig-check

image-20210331171523379

Please add the parameter "--no-sig-check" to the upgrade command to prevent errors

10. Restart the system

[root@localhost:/vmfs/volumes/5df883d8-7aaba396-fca3-5cf3fc4e4d40] reboot

11. Review

image-20210331172220968

The version was successfully upgraded from 4887370 to 17477841

12. Exit maintenance mode

image-20210331172424976

Exit maintenance mode and restart the virtual machine

 
 

Change complete

Guess you like

Origin blog.51cto.com/3241766/2679229
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com