Citrix Hypervisor 8.2 Cumulative Update 1 - Base Installation ISO - updated June 2023

We have reissued the base installation ISO for Citrix Hypervisor 8.2 Cumulative Update 1 and refreshed its content to enable customers to install Citrix Hypervisor 8.2 Cumulative Update 1 on certain Intel® Xeon® 84xx/64xx/54xx/44xx/34xx Sapphire Rapids systems. For more information, see theHardwa...

CVE-2023-30612 affecting package cloud-hypervisor for versions less than 31.1-1

CVE-2023-30612 affecting package cloud-hypervisor for versions less than 31.1-1. An upgraded version of the package is available that resolves this issue...

Actors, Threats and Vulnerabilities 22 to 28 May 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of ten attacks executed, taking advantage of four different vulnerabilities in vario...

Bootlicker - A Generic UEFI Bootkit Used To Achieve Initial Usermode Execution

bootlicker is a legacy, extensible UEFI firmware rootkit targeting vmware hypervisor virtual machines. It is designed to achieve initial code execution within the context of the windows kernel, regardless of security settings configured. Architecture bootlicker takes its design from the legacy...

Fedora: Security Advisory for xen (FEDORA-2023-8334fe0ecb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: xen-4.17.1-2.fc38

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2023-30440

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

Design/Logic Flaw

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

CVE-2023-30440 IBM PowerVM Hypervisor denial of service

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...

CVE-2023-30440

CVE-2023-30440 affects IBM PowerVM Hypervisor across multiple firmware branches (FW860, FW950, FW1010, FW1020, FW1030). The issue allows a local attacker who controls a partition with an SRIOV VF to cause a denial of service to a peer partition or arbitrary data corruption. Root cause details spe...

IBM PowerVM Hypervisor 输入验证错误漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. provides a secure and scalable virtualized environment for applications built on the advanced RAS features and leading performance of the Power Systems platform. An input validation error vulnerability exists ...

PT-2023-22694 · Ibm · Ibm Powervm Hypervisor

Name of the Vulnerable Software and Affected Versions: IBM PowerVM Hypervisor versions FW860.00 through FW860.B3 IBM PowerVM Hypervisor versions FW950.00 through FW950.70 IBM PowerVM Hypervisor versions FW1010.00 through FW1010.50 IBM PowerVM Hypervisor versions FW1020.00 through FW1020.30 IBM...

MichaelKors Ransomware Targets Linux and VMware ESXi Systems with Hypervisor Jackpotting

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MichaelKors ransomware, a new RaaS operation, has been targeting Linux and VMware ESXi systems since April 2023, utilizing the tactic of "hypervisor jackpotting" to gain unrestricted access and encrypt...

Citrix Hypervisor Installation Fails: "This host does not appear to have any hard disks"

During CH8.2CU1 installation onSuperServer 210GP-DNR with local NVMe RAID1 configurated, local disks can not be found when selecting disk for vm data:...

VMs Show Gray Screen When Booted Up With vGPU Attached

4 production VMs show Gray screen when booted up with vGPU attached, error message shows in Hypervisor status report: kern.log: May 14 20:33:16 citrix-srv-172 kernel: 1545.091820 nvrm-nvlog: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA May 14 20:33:16 citrix-srv-172 kernel:...

DEBIAN-CVE-2022-42336

Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads...

CVE-2022-42336

Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads...

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS features and leading performance of the Power Systems platform. A security vulnerability exists in IBM...

CVE-2022-42336

Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads...

Xen 安全漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen has a security vulnerability that stems...