Citrix Systems Citrix Hypervisor Security Vulnerability

Citrix Systems Citrix Hypervisor is an application from Citrix Systems, Inc. It is used to simplify operations management and ensure a high-definition user experience for intensive workloads. A security vulnerability exists in Citrix Hypervisor version 8.2 CU1 LTSR and XenServer 8, which stems fr...

The vulnerability of the file system for pervasive access 9p (9pfs) in the QEMU hardware emulation software allows a perpetrator to circumvent existing access control policies.

The vulnerability of the 9pfs file system, a hypervisor-based emulator of QEMU, is related to the absence of a prohibition on opening specific files on the host side. Exploiting this vulnerability can allow a perpetrator to circumvent existing access control policies...

USN-6817-2: Linux kernel (OEM) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

XenServer and Citrix Hypervisor Security Update for CVE-2024-5661

An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which mayallow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. This issue has the following identifier: CVE-2024-5661 CVE-2024-5661 affects all deployments. Summary CV...

PT-2024-4265 · Citrix · Citrix Hypervisor +1

Name of the Vulnerable Software and Affected Versions: Citrix Hypervisor versions 8.2 CU1 LTSR XenServer version 8 Description: The issue is related to improper rate limiting in an endpoint, which may allow an attacker to cause a denial of service. A malicious administrator of a guest VM can...

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6816-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

XenCenter 2024.2.0 - For Citrix Hypervisor and XenServer

Who Should Install This Update? This XenCenter update is for customers who use XenCenter as the management console for Citrix Hypervisor 8.2 CU1 and XenServer 8. This version of XenCenter supersedes any previous version of XenCenter. It constitutes the following deliverable: File Name|...

CVE-2023-43556

Memory corruption in Hypervisor when platform information mentioned is not aligned...

CVE-2023-43556 Buffer Copy Without Checking Size of Input in Hypervisor

Memory corruption in Hypervisor when platform information mentioned is not aligned...

CVE-2023-43556 Buffer Copy Without Checking Size of Input in Hypervisor

Memory corruption in Hypervisor when platform information mentioned is not aligned...

(Pwn2Own) VMware Workstation hgfsVMCI_fileread Use of Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

(Pwn2Own) VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

DEBIAN-CVE-2024-36912

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track decrypted status in vmbusgpadl In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is share...

UBUNTU-CVE-2024-36913

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if setmemoryencrypted fails In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is...

CVE-2024-36913 Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if setmemoryencrypted fails In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is...

Machine Creation Fails When Creating Remote PowerShell Session

The “Resources” environment test Check hypervisor storage fails with the following error: “While testing access to storage with ID MyStorageID, an error occurred while attempting to create a remote PowerShell session to host MyHostName.” The “Resources” environment test Check hypervisor...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a vulnerability in the Drivers:hv:vmbus module...

(Pwn2Own) VMware Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...