Citrix CTX232655

Citrix XenServer Multiple Security Updates

2018-03-21 04:00:00
support.citrix.com

CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.5 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

<section>
<div><div>
<div>

<h2>Description of Problem</h2>

<div>
<div>
<div>
<p>A number of vulnerabilities have been identified within Citrix XenServer that could, if exploited, allow a malicious administrator of a guest VM to crash the host and, for some XenServer versions, allow a remote attacker to compromise the host.</p>
<p>The following vulnerabilities have been addressed:</p>
<ul>
<li>CVE-2016-2074: openvswitch: MPLS buffer overflow vulnerability</li>
<li>CVE-2018-7540: DoS via non-preemptable L3/L4 pagetable freeing</li>
<li>CVE-2018-7541: grant table v2 -> v1 transition may crash Xen</li>
</ul>
<p>The host compromise issue (CVE-2016-2074) affects Citrix XenServer versions 7.0 and 7.1 CU1 only.<br /> The denial of service issues affect all supported versions of Citrix XenServer prior to version 7.4.</p>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2>Mitigating Factors</h2>

<div>
<div>
<div>
<p>Customers using the "Linux bridge" networking mode are unaffected by the host compromise issue.</p>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2>What Customers Should Do</h2>

<div>
<div>
<div>
<p>Hotfixes have been released to address these issues. Citrix strongly recommends that affected customers install these hotfixes as soon as possible. The hotfixes can be downloaded from the following locations:</p>
<p>Citrix XenServer 7.3: CTX233368 – <a href="https://support.citrix.com/article/CTX233368">https://support.citrix.com/article/CTX233368</a></p>
<p>Citrix XenServer 7.2: CTX233366 – <a href="https://support.citrix.com/article/CTX233366">https://support.citrix.com/article/CTX233366</a></p>
<p>Citrix XenServer 7.1 LTSR CU1: CTX233363 – <a href="https://support.citrix.com/article/CTX233363">https://support.citrix.com/article/CTX233363</a> and CTX233365 – <a href="https://support.citrix.com/article/CTX233365">https://support.citrix.com/article/CTX233365</a></p>
<p>Citrix XenServer 7.0: CTX233362 – <a href="https://support.citrix.com/article/CTX233362">https://support.citrix.com/article/CTX233362</a> and CTX233364 – <a href="https://support.citrix.com/article/CTX233364">https://support.citrix.com/article/CTX233364</a></p>
<p>These hotfixes are not livepatchable.</p>
<p>Citrix is actively working on remediating the denial of service issues for releases that are End of Maintenance but not yet End of Life.</p>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2>What Citrix Is Doing</h2>

<div>
<div>
<div>
<div>
<div>
<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u><a href="http://support.citrix.com/">http://support.citrix.com/</a></u>.</p>
</div>
</div>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2>Obtaining Support on This Issue</h2>

<div>
<div>
<div>
<div>
<div>
<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u><a href="https://www.citrix.com/support/open-a-support-case.html">https://www.citrix.com/support/open-a-support-case.html</a></u>.</p>
</div>
</div>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2>Reporting Security Vulnerabilities</h2>

<div>
<div>
<div>
<div>
<div>
<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – <a href="http://support.citrix.com/article/CTX081743">Reporting Security Issues to Citrix</a></p>
</div>
</div>
</div>
</div>
</div>

<hr />
</div>
<div>

<h2>Changelog</h2>

<div>
<div>
<div>
<table border="1" width="100%">
<tbody>
<tr>
<td>Date </td>
<td>Change</td>
</tr>
<tr>
<td>21st March 2018</td>
<td>Initial publication</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>

<hr />
</div>
</div></div>
</section>
