Vulnerabilities Citrix patched in Hypervisor this week could allow code executing in a virtual machine to cause a denial of service on the host.
Formerly XenServer, Citrix Hypervisor is an open-source platform for virtualization (desktop, server, and cloud), allowing for the deployment of multiple virtual machines onto the same server, and offering integration with existing infrastructure.
Tracked as CVE-2021-28038 and CVE-2021-28688, the newly addressed vulnerabilities could be abused to cause the host to crash or become unresponsive. For that, an attacker would have to be able to execute privileged code in a guest virtual machine, Citrix explains.
The two vulnerabilities were found to impact all currently supported Hypervisor versions, including version 8.2 LTSR.
CVE-2021-28038 is a vulnerability identified in the Linux kernel through 5.11.3, as used with Xen PV, and exists because the netback driver does not properly handle errors, leading to a host OS denial of service “during misbehavior of a networking frontend driver.”
CVE-2021-28688, on the other hand, was found to impact all Linux versions that include the fix for CVE-2021-26930 (XSA-365), a bug that impacts blkback’s grant mapping.
The new vulnerability could allow for a malicious or buggy frontend driver to cause resource leaks from a corresponding backend driver, thus leading to denial of service on the host. Linux versions as far back as 3.11 are likely affected.
Citrix this week also patched a third vulnerability (CVE-2020-35498) that affects Hypervisor 8.2 LTSR only, and which could result in malicious network traffic causing subsequent packets to be dropped.
The tech giant has released hotfixes that patch these vulnerabilities and is urging customers to apply these hotfixes as soon as possible. Furthermore, the company says it is notifying both customers and channel partners of these flaws.
The Cybersecurity and Infrastructure Security Agency (CISA) today issued a notification encouraging users and administrators to review Citrix's advisory and apply the available hotfixes.
“Citrix has released security updates to address vulnerabilities in Hypervisor (formerly XenServer). An attacker could exploit some of these vulnerabilities to cause a denial-of-service condition,” CISA notes.
Related: Citrix Releases Updates to Prevent DDoS Attacks
Related: Organizations Quick to Patch Critical Citrix ADC Vulnerability

More from Ionut Arghire