Posted On December 23, 2020

VMWare CVE-2018-3646 Mitigation

kimconnect 0 comments
blog.KimConnect.com >> Virtualization , Windows >> VMWare CVE-2018-3646 Mitigation
Enable ESXi Side-Channel-Aware Scheduler Version 2 (SCAv2) using ESXCLI
  1. SSH to an ESXi host or open a console where the remote ESXCLI is installed
  2. Check the current runtime values by running:
    • esxcli system settings kernel list -o hyperthreadingMitigation and esxcli system settings kernel list -o hyperthreadingMitigationIntraVM
  3. To enable the ESXi Side-Channel-Aware Scheduler Version 1 run these commands:
    • esxcli system settings kernel set -s hyperthreadingMitigation -v TRUE
    • esxcli system settings kernel set -s hyperthreadingMitigationIntraVM -v FALSE
  4. Reboot the ESXi host for the configuration change to go into effect:
    • Default Method:
      • Get List of running VMs: esxcli vm process list
      • Kill VMs: esxcli vm process kill -type=[soft|hard|force] -world-id=[worldid]
    • Alternative method:
      • List all vms: vim-cmd vmsvc/getallvms
      • vim-cmd vmsvc/power.shutdown [vmid]
      • reboot -d 300 -f

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Linux: How to Create RSA Keys and SSH Agent

Step 1: Generate RSA Key # Command to generate rsa key for Ubuntu Linuxssh-keygen -t…

Hyper-V Virtual Machines Won’t Start on Restore or Live Migration

Symptom: Cluster resource of type 'Virtual Machine' in clustered role failed. The error code was…

PowerShell: Fix Clustered Disk Errors

# fixClusterDiskErrors.ps1function selectClusterName{ param($domainName=$env:USERDNSDOMAIN) write-host "Now scanning $domainName for all available cluster names. This may…