Vulnerabilities in Citrix Xenserver and Hypervisor
Attackers can take over Citrix solutions - Updates available
There are currently various vulnerabilities in Citrix Xenserver and Hypervisor. Updates are already available and should be installed as soon as possible. The vulnerabilities allow attackers to take over entire systems.
Citrix is currently warning of several vulnerabilities in the Xenserver and Hypervisor products. Updates are already available, which admins should install as soon as possible.
The security messages run under the identifiers CVE-2023-46842, CVE-2024-2201 and CVE-2024-31142. The identified vulnerabilities allow malicious code in a guest VM to read the memory contents of other VMs on the same host. CVE-2024-2201 only affects systems with Intel CPUs, while CVE-2024-31142 is only applicable to AMD CPUs.
Additionally, another vulnerability, labeled CVE-2023-46842, has been discovered that allows privileged malicious code in a guest VM to crash the host. This vulnerability affects all deployment configurations.
Citrix provides updates
Citrix has provided updates and a hotfix for affected versions. XenServer 8 users should install the update from the Early Access or Normal channels as described in the update instructions on the Citrix website. For users of Citrix Hypervisor 8.2 CU1 LTSR, a hotfix is available for download and installation from the Citrix support page. The updates are available on the bulletin page of the gaps. The installation should be done as soon as possible.