When performing a Live Patch that contains fixes for the VMKernel, the lifecycle manager (vLCM) runs prechecks on each patched ESX host. Some of these patches require the ability to scan the system to ensure no unpatched code is still running after the patch activation. However, some VMkernel modules are known to be incompatible with such scanning. If these modules are loaded on the ESX host, the system will be reported as incompatible with live patching and the following error message will be reported: “VMKernel Live Patch is incompatible because the following modules cannot be scanned for completion of unpatched code execution: [...]”

ESX 9.1.x

Incompatible modules are loaded on the ESX host. On VCF 9.1.0, the list of such modules is: * emcp * nvidia * nvidia-gpu * scini

To be compatible with Live-Patch, these modules need to be unloaded. If that is not possible or not wanted, the host is incompatible with Live-Patch and other upgrade methods (e.g. reboot) should be used.

The command to unload a module is `esxcfg-module --unload <mod_name>`. It is also possible to prevent the module from being loaded during the next boot by using the following command: `esxcfg-module --disable <mod_name>`.