
Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw
2023-11-15 19:24

Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the "Reptar" high-severity flaw that affects Intel CPUs for desktop and server systems.

"Although this is not an issue in the Citrix Hypervisor product itself, we have included updated Intel microcode to mitigate this CPU hardware issue," reads the advisory.

The second vulnerability Citrix fixed is CVE-2023-46835, which impacts Citrix Hypervisor 8.2 CU1 LTSR. It could be exploited to allow malicious privileged code in a guest virtual machine to compromise an AMD-based host through a passed-through PCI device.

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs.

LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed.

New Reptar CPU flaw impacts Intel desktop and server systems.

Hackers use Citrix Bleed flaw in attacks on govt networks worldwide.


News URL

https://www.bleepingcomputer.com/news/security/citrix-hypervisor-gets-hotfix-for-new-reptar-intel-cpu-flaw/

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-05 | CVE-2023-46835 | Unspecified vulnerability in XEN | 5.5 |

The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However, dom_io, being a PV domain, gets the AMD-Vi IOMMU page table levels based on the maximum (hot pluggable) RAM address, and hence on systems with no RAM above the 512GB mark only 3 page table levels are configured in the IOMMU. On systems without RAM above the 512GB boundary, amd_iommu_quarantine_init() will set up page tables for the scratch page with 4 levels, while the IOMMU will be configured to use 3 levels only. As a result, the last page table directory (PDE) effectively becomes a page table entry (PTE), and a device in quarantine mode gains write access to the page destined to be a PDE. Due to this page table level mismatch, the sink page the device gets read/write access to is no longer cleared between device assignments, possibly leading to data leaks.

local, low complexity, xen
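A toy model of the level mismatch described in the CVE-2023-46835 entry above, added here as an illustration and not taken from Xen or the advisory. It assumes 4 KiB pages and 9 address bits per table level (consistent with the 48-bit/4-level and 512GB/3-level figures on the page); all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SHIFT 12            /* 4 KiB pages (model assumption) */
#define LEVEL_BITS 9             /* 512 entries per table level (model assumption) */
#define ENTRIES    (1u << LEVEL_BITS)
static uint64_t mem[8][ENTRIES]; /* toy memory: one row per page */

/* Levels needed for an address width: 39 bits -> 3, 48 bits -> 4. */
unsigned levels_for_width(unsigned width_bits) {
    return (width_bits - PAGE_SHIFT + LEVEL_BITS - 1) / LEVEL_BITS;
}

/* Bits needed to address RAM that ends at max_addr (exclusive). */
unsigned width_for_max_addr(uint64_t max_addr) {
    unsigned bits = 0;
    while (bits < 64 && ((max_addr - 1) >> bits)) bits++;
    return bits;
}

/* Build `levels` tables in pages 0..levels-1; page `levels` is the sink page. */
unsigned build_quarantine(unsigned levels) {
    memset(mem, 0, sizeof(mem));
    for (unsigned t = 0; t < levels; t++)
        for (unsigned e = 0; e < ENTRIES; e++) mem[t][e] = t + 1;
    return levels;
}

/* Walk from root page 0 with hw_levels lookups; return the page reached. */
unsigned walk(unsigned hw_levels, uint64_t iova) {
    unsigned page = 0;
    for (unsigned l = hw_levels; l > 0; l--)
        page = (unsigned)mem[page][(iova >> (PAGE_SHIFT + LEVEL_BITS * (l - 1))) & (ENTRIES - 1)];
    return page;
}

/* Defensive check: built depth must equal the depth the IOMMU will use. */
int levels_consistent(unsigned built, uint64_t max_ram_addr) {
    return built == levels_for_width(width_for_max_addr(max_ram_addr));
}

int main(void) {
    unsigned sink = build_quarantine(levels_for_width(48));         /* 4 levels built */
    unsigned hw = levels_for_width(width_for_max_addr(1ULL << 39)); /* 3 levels walked */
    printf("sink=%u reached=%u consistent=%d\n", sink, walk(hw, 0x1000), levels_consistent(4, 1ULL << 39));
    return 0;
}
```

With four levels built and three walked, the modelled device access ends in page 3, the last table page, instead of sink page 4; the consistency check fails for RAM ending at 512GB and passes once RAM extends above it.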

Related vendor

| VENDOR | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|---|---|---|---|---|---|---|
| Intel | 6803 | 271 | 746 | 379 | 28 | 1424 |
| Citrix | 117 | 20 | 180 | 77 | 63 | 340 |