Posted On December 23, 2020

VMWare CVE-2018-3646 Mitigation

kimconnect 0 comments
blog.KimConnect.com >> Virtualization , Windows >> VMWare CVE-2018-3646 Mitigation
December 23, 2020December 23, 2020 kimconnectkimconnect 0 Comments
Enable ESXi Side-Channel-Aware Scheduler Version 2 (SCAv2) using ESXCLI
  1. SSH to an ESXi host or open a console where the remote ESXCLI is installed
  2. Check the current runtime values by running:
    • esxcli system settings kernel list -o hyperthreadingMitigation and esxcli system settings kernel list -o hyperthreadingMitigationIntraVM
  3. To enable the ESXi Side-Channel-Aware Scheduler Version 1 run these commands:
    • esxcli system settings kernel set -s hyperthreadingMitigation -v TRUE
    • esxcli system settings kernel set -s hyperthreadingMitigationIntraVM -v FALSE
  4. Reboot the ESXi host for the configuration change to go into effect:
    • Default Method:
      • Get List of running VMs: esxcli vm process list
      • Kill VMs: esxcli vm process kill -type=[soft|hard|force] -world-id=[worldid]
    • Alternative method:
      • List all vms: vim-cmd vmsvc/getallvms
      • vim-cmd vmsvc/power.shutdown [vmid]
      • reboot -d 300 -f
Categories:

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Post Image

Read More

How to transport Outlook contacts

Export your contacts from Outlook: In Outlook, on the File menu, click Import and Export.…

Read More

How To Fix Windows Corrupted Profile

Error messages: - We can't sign into your account. This problem can often be fixed…
Post Image

Read More

PowerShell: Windows Systems State Backup Daily

# Windows-Systems-State-Backup-V0.1.ps1## What this script does:# 1. Create a Windows Scheduled task on an Active…