L1TF related “esx.problem.hyperthreading.unmitigated” vCenter Server Updates: CVE-2018-3646
search cancel

L1TF related “esx.problem.hyperthreading.unmitigated” vCenter Server Updates: CVE-2018-3646


Article ID: 310322


Updated On:


VMware vSphere ESXi


After applying the ESXi patches in VMSA-2018-0020 or patches from later releases, vCenter Server displays one of these L1 Terminal Fault related notifications:
XXX esx.problem.hyperthreading.unmitigated.formatonhost not found XXX




VMware vSphere ESXi 7.0.x
VMware vSphere ESXi 6.0
VMware vSphere ESXi 6.7
VMware vSphere ESXi 5.5
VMware vSphere ESXi 6.5


The ESXi patches available in VMSA-2018-0020 to mitigate CVE-2018-3646 introduced a new notification to indicate the remediation status of the 'L1 Terminal Fault' (L1TF - VMM) vulnerability. When ESXi is updated before vCenter, either manually or through vSphere Update Manager, the internal reference for the message from the host instead of the intended one is displayed. With an US English locale, the notification reads:

This host is potentially vulnerable to issues described in CVE-2018-3646, please refer to https://kb.vmware.com/s/article/55636 for details and VMware recommendations.


Update vCenter, this will translate the internal reference notification into the respective language. If you would like to suppress the notification regardless of how it is displayed, you can do so by changing the value of the ESXi advanced option UserVars.SuppressHyperthreadWarning from 0 to 1. Note that this should only be done after reviewing KB 55806 and its related articles.

Note: In case the warning still shows up after making the above changes, the Host may need to be rebooted for the changes to take effect.

Additional Information

VMware Skyline Health Diagnostics for vSphere - FAQ
For steps to modify ESXi advanced options, see Configuring advanced options for ESXi/ESX.
For more information about this option, see the VMware vCenter Server 6.7.0d Release Notes.
For other ways to suppress the notification, see HTAware Mitigation Tool Overview and Usage.