Denial of Service vulnerability in ESXi – July 2019

There is a new vulnerability on ESXi that allows attackers to make ESXi server unresponsive and ESXi management functionality will be unavailable. It seems, there is no affect on virtual machine but it will cause of hostd service unresponsive.

It’s recommended that protect ESXi servers by customizing firewall rules and allows trusted clients because multiple logon attempts may be generated by attacker.

If your servers were under attack, then you should restart hostd service and reboot is not necessary.


The below KB describes the workaround for issue:


This issue affecting ESXi 6.5 and 6.7. Patch is pending for ESXi 6.7 at this time but there is a patch for ESXi 6.5. ESXi 6.0 is not affected.

ProductVersionRunning OnCVE IdentifierCVSSV3SeverityFixed VersionWorkaroundsAdditional Documents
5.3ModeratePatch Pendingkb67920None

Further Reading

ESXi Fails with “Corruption in dlmalloc” on HPE Server

[Script]: Enable/Disable vMotion on VMKernel Ports via PowerCLI

Why Device Bay IP Doesn’t Change in HPE BladeSystem?

Davoud Teimouri

Davoud Teimouri is as a professional blogger, vExpert 2015/2016/2017/2018/2019, VCA, MCITP. This blog is started with simple posts and now, it has large following readers.

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our newsletter and join other subscribers

Holler Box