Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Citrix Patches DoS Vulnerabilities in Hypervisor

Vulnerabilities Citrix patched in Hypervisor this week could allow for code executed in a virtual machine to cause denial of service on the host.

Vulnerabilities Citrix patched in Hypervisor this week could allow for code executed in a virtual machine to cause denial of service on the host.

Formerly XenServer, Citrix Hypervisor is an open-source platform for virtualization (desktop, server, and cloud), allowing for the deployment of multiple virtual machines onto the same server, and offering integration with existing infrastructure.

Tracked as CVE-2021-28038 and CVE-2021-28688, the newly addressed vulnerabilities could be abused to cause the host to crash or become unresponsive. For that, an attacker would have to be able to execute privileged code in a guest virtual machine, Citrix explains.

The two vulnerabilities were found to impact all currently supported Hypervisor versions, including version 8.2 LTSR.

CVE-2021-28038 is a vulnerability identified in Linux kernel through 5.11.3, as used with Xen PV, and exists because of the lack of the necessary treatment for errors in the netback driver, leading to the host OS denial of service “during misbehavior of a networking frontend driver.”

CVE-2021-28688, on the other hand, was found to impact all Linux versions that include the fix for CVE-2021-26930 (XSA-365), a bug that impacts blkback’s grant mapping.

The new vulnerability could allow for a malicious or buggy frontend driver to cause resource leaks from a corresponding backend driver, thus leading to denial of service on the host. Linux versions as far back as 3.11 are likely affected.

Citrix this week also patched a third vulnerability (CVE-2020-35498) that affects Hypervisor 8.2 LTSR only, and which could result in malicious network traffic causing subsequent packets to be dropped.

Advertisement. Scroll to continue reading.

The tech giant has released hotfixes that patch these vulnerabilities and is urging customers to apply these hotfixes as soon as possible. Furthermore, the company says it is notifying both customers and channel partners of these flaws.

The Cybersecurity and Infrastructure Security Agency (CISA) today issued a notification to encourage users and admins to review Citrix’ advisory and apply the available hotfixes.

“Citrix has released security updates to address vulnerabilities in Hypervisor (formerly XenServer). An attacker could exploit some of these vulnerabilities to cause a denial-of-service condition,” CISA notes.

Related: Citrix Releases Updates to Prevent DDoS Attacks 

Related: Organizations Quick to Patch Critical Citrix ADC Vulnerability

Related: Hackers Scanning for Vulnerable Citrix Systems 

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

More People On The Move

Expert Insights