vSphere 8U1 – Deep dive on configuring NVMe-oF (Non-Volatile Memory Express over Fabrics) for VMware vSphere datastores.
What’s new
With vSphere 8.0 update 1, VMware has completed their journey to a completely native end-to-end NVMe storage stack. Prior to 8.0U1, there was a SCSI translation layer which added some complexity to the stack and slightly decreased some of the efficiencies inherent in the NVMe protocol.
If you have a supported Trusted Platform Module (TPM) device that has been installed in your ESXi host after the initial installation and you either replace the TPM chip and/or you reset the TPM keys within the system BIOS, you may find several TPM alarms that is raised within your vCenter Server including: Host TPM […]
Breakouts, Tutorials, and Meet-the-Experts With Explore in Las Vegas approaching, and the catalogue now live, I wanted to draw your attention to some of the vSphere-specific technical session we’ll have at the show. Make sure to add them to your favorites after registration to get the latest and most detailed technical information, specific to vSphere and vSphere announcements. Yes, these are
VMware vCenter Server heap-overflow vulnerability (CVE-2023-20892)
Description: The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
Known Attack Vectors: A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.
VMware vCenter Server use-after-free vulnerability (CVE-2023-20893)
Description: The vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
Known Attack Vectors: A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.
VMware vCenter Server out-of-bounds write vulnerability (CVE-2023-20894)
Description: The vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1.
Known Attack Vectors: A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption.
VMware vCenter Server out-of-bounds read vulnerability (CVE-2023-20895)
Description: The vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1
Known Attack Vectors: A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
VMware vCenter Server out-of-bounds read vulnerability (CVE-2023-20896)
Description: The vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.9.
Known Attack Vectors: A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd).
We are kicking off vSphere LIVE for the summer. Block your calendar off for next Tuesday, June 13 from 10 to 11 AM Pacific (-0700) to stop by the vSphere YouTube channel, wherein I, Bob Plankers, will be talking about WHY you should upgrade to vSphere 8. We’ll go over some of the big features … Continued The post vSphere LIVE: Why Upgrade to vSphere 8? appeared first on VMware vSphere Blog.
VMware’s Modern Apps and Multi-Cloud Livefire deliveries make use of a Horizon Ubuntu Desktop that I built and maintain. This video provides a tour of the features […]
Whether you are using the classic Enhanced vMotion Compatibility (EVC) on a vSphere Cluster or the new Per-VM EVC capability, the usable (user-level) CPU features from an ESXi host are then presented down into a Virtual Machine for consumption. If you wanted to see what which CPU features are exposed for a particular VM or […]
This video will teach how use the Mulit-Cloud Overview as well as the Launchpad within VMware Aria Operations. This video was designed to show new users some of the features that can be utilized within the first day of deployment. Topics covered include Alerts, Dashboards, Capacity, Rightsizing, Reclamation, Cost, Compliance, and Sustainability.
