j a m i e

ESXi CVE-2018-3646 (55806) and how to mitigate it.

I updated my servers before grabbing a screenshot of the message in ESXi, it’s something like this,

Your host may be susceptible to Intel CPU CVE-2018-3646 (55806) - See https://kb.vmware.com/s/article/55806 for more details. 

The fix I ran with was enabling shell on the hypervisors and

esxcli system settings kernel list -o hyperthreadingMitigation

If it comes back as False, you'll want to do this,

esxcli system settings kernel set -s hyperthreadingMitigation -v TRUE

Disable secure SSH for all hosts, and reboot and you're all done.