Dear team 

    My Guest os (CentOS 6.5 ,kernel version 2.6.32-696.18.7.el6.x86_64) is running in ESXI server (VMware ESXi 5.5.0 build-6480324, 

patch ESXi550-201709001.zip was applied ) . 

    I installed all the packages mention in https://lists.centos.org/pipermail/centos-announce/2018-January/

    The list of installed packages are ->

kernel-debug-devel-2.6.32-696.18.7.el6.i686

    kernel-2.6.32-696.18.7.el6.x86_64

kernel-doc-2.6.32-696.18.7.el6.noarch

kernel-debug-2.6.32-696.18.7.el6.x86_64

kernel-devel-2.6.32-696.18.7.el6.x86_64

kernel-debug-devel-2.6.32-696.18.7.el6.x86_64

libreport-plugin-kerneloops-2.0.9-19.el6.centos.x86_64

abrt-addon-kerneloops-2.0.8-21.el6.centos.x86_64

dracut-kernel-004-409.el6_8.2.noarch

kernel-headers-2.6.32-696.18.7.el6.x86_64

kernel-firmware-2.6.32-696.18.7.el6.noarch

kernel-abi-whitelists-2.6.32-696.18.7.el6.noarch

    dracut-004-409.el6_8.2.noarch

    dracut-kernel-004-409.el6_8.2.noarch

elfutils-libs-0.164-2.el6.x86_64

elfutils-0.164-2.el6.x86_64

elfutils-libelf-devel-0.164-2.el6.x86_64

elfutils-libelf-0.164-2.el6.x86_64

elfutils-devel-0.164-2.el6.x86_64

microcode_ctl-1.17-25.2.el6_9.x86_64

python-perf-2.6.32-696.18.7.el6.x86_64

perf-2.6.32-696.18.7.el6.x86_64    

I used a tool https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh to 

detect if meltdown and spectre got fixed . Spectre Variant 1 and Meltdown got fixed but not Variant 2 .

"CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2'

* Mitigation 1

*   Hardware (CPU microcode) support for mitigation:  YES

*   Kernel support for IBRS:  YES

*   IBRS enabled for Kernel space:  NO

*   IBRS enabled for User space:  NO

* Mitigation 2

*   Kernel compiled with retpoline option:  NO

*   Kernel compiled with a retpoline-aware compiler:  NO

> STATUS:  VULNERABLE  (IBRS hardware + kernel support OR kernel with retpoline are needed to mitigate the vulnerability)"

Thanks in advance 

Thanks and regards

       AKSHAR