My customer account My customer account (#NIC#) ┃ Contact Sales ┃ Webmail ┃

Support ▾

┃

Resources ▾

┃ OVHcloud Blog

Welcome to OVHcloud.

Go to Webmail

Bare Metal Cloud
- Dedicated Servers
  ProductsAll OVHcloud Dedicated Servers
  Rise ServersThe most affordable bare-metal servers offered by OVHcloud.
  Advance ServersFor companies looking to invest in versatile servers.
  Infrastructure ServersComputing capacity and storage adapted to server clusters.
  Storage ServersServers for archiving, backup, and distributed storage.
  Scale ServersSpecifically designed for complex, high-resilience infrastructures.
  High Grade ServersThe most powerful servers, optimised for critical loads.
  Game ServersFor video games and streaming platforms.
  Use cases
  Hyperconverged infrastructure (HCI)Proxmox VE, OpenStackSoftware-defined storage (SDS)Netapp, Ceph, OpenIO, ScalityVirtualisation and containerisationVMware ESXi, Proxmox VE, KVM, Citrix XenServer, Microsoft Hyper-V, Docker, Kubernetes, Apache MesosBig data and analyticsHadoop, Cloudera, Spark, Solr, ElasticsearchArchiving and backuprestic, rsync
- Virtual Private Servers
  Virtual Private Servers
  All VPS solutionsView our full range of Virtual Private Servers
  Distributions and licencesSee all our distributions and licences
  Help
- Managed Bare Metal
  Managed Bare Metal
  Managed Bare Metal Essentials powered by VMware®Your virtual infrastructure managed by OVHcloud
- Storage and backups
  Storage and backups
  All our storage solutionsView all our storage solutions
  NASCentralised storage and backup space for your data.
  Backup StorageIncrease your server backup capacity
  Storage ServersServers with more disk space to store large amounts of da...
  Veeam Cloud ConnectActivate, back up, restore.
  Veeam EnterpriseFull access to the Veeam Backup Replication administratio...
- Managed Big Data Clusters
- Data Platforms
  Data Platforms
  Logs Data PlatformIndex and analyse your logs in real time. Receive alerts ...
- Enterprise Cloud Databases
- Network and security solutions
  Network and security solutions
  All our network solutionsChoose the best options to enhance and secure your infras...
  Failover IPAn IP you can transfer between servers
  vRackConnect all of your infrastructures privately across the ...
  OVHcloud ConnectConnect your datacentre to OVHcloud
  BandwidthUpgrade your default guaranteed bandwidth
  Load BalancersScale to meet your demand with any of our cloud solutions...
  Anti-DDoS Keep your dedicated infrastructures protected against DDo...
  CDN InfrastructureA dedicated CDN to complement your OVHcloud products
Hosted Private Cloud
Hosted Private Cloud
Get started Hosted Private Cloud
Quick Access
Public Cloud
Public Cloud
Get started Public Cloud
Quick Access
Web Cloud
Web Cloud
Get started Web Cloud
Quick Access
Enterprise
Enterprise
Get started Enterprise
Quick Access
Programs
Programs
Quick Access
About
About
Quick Access

Checking and applying patches for Spectre/Meltdown vulnerabilities on your hosts

Find out how to apply patches for the Spectre and Meltdown vulnerabilities

Objective

To find general information on Spectre and Meltdown, please refer to our detailed guide and our guide for each OS.

This guide will explain how to apply patches for the Spectre and Meltdown vulnerabilities.

Requirements

You must have a user account with access to vSphere.

Instructions

As a reminder:

Variant	Vulnerable?	Fixed by the patch?
Variant 1: bounds check bypass (CVE-2017-5753) - Spectre	YES	YES
Variant 2: branch target injection (CVE-2017-5715) - Spectre	YES	YES
Variant 3: rogue data cache load (CVE-2017-5754) - Meltdown	NO

Meltdown (CVE-2017-5754) does not affect ESXI because ESXI does not run non-verified user codes.

For Private Cloud solutions, there is planned scheduled maintenance to apply a patch for this vulnerability automatically on vulnerable hosts. You can find information about this scheduled maintenance on the associated task (English translation below French text).

Check the host version

To check your host version, log in to your vSphere interface and go to the host summary, in the Configuration section:

Host configuration section

The corrected versions are as follows:

ESXi 6.5: 7388607
ESXi 6.0: 6921384
ESXi 5.5: 6480324

If you have an older version of these builds, you will need to update your host. As a reminder, an automatic update will be scheduled by OVH. However, you can also perform this update manually.

Update your host with the patch associated with the vulnerability

Update your host by switching it to maintenance mode (your host will be rebooted during the procedure), and use the VMWare Update Manager plugin.

The patches are as follows:

ESXi 6.0 – ESXi600-201711101-SG
ESXi 5.5 – ESXi550-201709101-SG

This version 5.5 patch is only for CVE-2017-5715, not CVE-2017-5753.

Configuration

In the list of patches, you can use the filter so that only the patch you are searching for appears. This way, you can just select this patch.

Configuration

After the update is complete, your host will no longer be vulnerable, and you can use it again.

Go further

Join our community of users on https://community.ovh.com/en/.

Did you find this guide useful?

Please feel free to give any suggestions in order to improve this documentation.

Whether your feedback is about images, content, or structure, please share it, so that we can improve it together.

Your support requests will not be processed via this form. To do this, please use the "Create a ticket" form.

Thank you. Your feedback has been received.

OVHcloud Community

Access your community space. Ask questions, search for information, post content, and interact with other OVHcloud Community members.

Discuss with the OVHcloud community