Citrix Hypervisor Security Bulletin for CVE-2023-46838

Description of Problem

An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to cause the host to crash or become unresponsive.

This issue has the following identifier:

• CVE-2023-46838
  What Customers Should Do

We have released a hotfix to address this issue. We recommend that customers install this hotfix and follow the instructions in the linked article as their update schedule permits. The hotfix can be downloaded from the following location:

CTX586901 -<https://support.citrix.com/article/CTX586901&gt;

What We Are Doing

We are notifying customers and channel partners about this potential security issue through the publication of this security bulletin on the Citrix Knowledge Center at
<https://support.citrix.com/securitybulletins&gt;.

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <https://www.citrix.com/support&gt;.

Subscribe to Receive Alerts

We strongly recommend that all customers subscribe to receive alerts when a security bulletin is created or modified at <https://support.citrix.com/user/alerts&gt;.

Reporting Security Vulnerabilities to Us

We welcome input regarding the security of our products and consider any and all potential vulnerabilities seriously. For details on our vulnerability response process and guidance on how to
report security-related issues to us, please see the following webpage: <https://www.citrix.com/about/trust-center/vulnerability-process.html&gt;