Home > All, Citrix, XenServer > #Citrix #XenServer Multiple Security Updates released

#Citrix #XenServer Multiple Security Updates released

February 27, 2013 Leave a comment Go to comments

Severity: Medium

Description of Problem

A number of security vulnerabilities have been identified in Citrix XenServer. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including version 6.1.

The following vulnerabilities have been addressed:

• interrupt remap entries shared and old ones not cleared on AMD IOMMUs (CVE-2013-0153)

• oxenstored incorrect handling of certain Xenbus ring states (CVE-2013-0215)

• Linux netback DoS via malicious guest ring (CVE-2013-0216, CVE-2013-0217)

• Linux pciback DoS via not rate limited log messages (CVE-2013-0231)

What Customers Should Do

Hotfixes have been released to address these issues in all supported versions and update levels of Citrix XenServer. Citrix recommends that customers using Citrix XenServer identify and apply all the hotfixes that relate to their deployed versions.

Customers using XenServer with AMD CPUs that pass through PCI devices (e.g. using the GPU passthrough feature) should review the hotfix release notes below for more information relevant to their specific deployments.

Continue reading and download updates here!

//Richard

Categories: All, Citrix, XenServer Tags: , , , , , , , , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: