CVE-2022-42336

Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads...

kernel: clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

[SECURITY] Fedora 38 Update: qemu-7.2.1-2.fc38

qemu is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu acts as a virtual machine monitor together with the KVM kernel modules, and emulates the hardware for a full system such as a PC and its associated peripherals...

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

A new ransomware-as-service RaaS operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in ...

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

A new ransomware-as-service RaaS operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in ...

Low performance with Intel X710/XL710/X722

Creating a snapshot on Citrix Hypervisor 8.2 CU1 might be slower than XenServer 7.1 when using the following driver and firmware. Driver: i40e: IntelR 40-10 Gigabit Ethernet Connection Network Driver - version 2.9.21 Firmware: fw 8.71.63306 api 1.11 nvm 10.54.7...

NULL Pointer Dereference

xen is vulnerable to NULL Pointer Dereference. The vulnerability occurs due to improper check in one of the hypervisor routines used for shadow page handling. This could allow a guest with a PCI device to pass through to cause the hypervisor to access an arbitrary pointer partially under guest...

Driver Disk for Cisco fnic 2.0.0.89-243.0 - For Citrix Hypervisor 8.2 LTSR

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 LTSR release who use Cisco's fnic driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- fnic| FC and NVME HBA Driver/| 2.0.0.89-243.0 Issues resolved in this driv...

How to Change the Software Open iSCSI IQN in XenServer

This article contains information about how to identify and change the software iSCSI initiator IQN. By default a random IQN is generated when you install XenServer formerly Citrix Hypervisor. The IQN is a requirement when running iSCSI to identify the XenServer host on the iSCSI network. It is...

Workspace app timeout when launching desktop VDI which is in powered off state

VDA is in powered Off state on the hypervisor. User clicks on the desktop icon and machine starts on hypervisor due to powerOnlaunch request and registers but the launch fails with the below error : Citrix Workspace : Could not start appThere was a problem contacting "XXX"...

PT-2023-8013 · Parallels · Parallels Desktop

Name of the Vulnerable Software and Affected Versions: Parallels Desktop affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this issue, where the target i...

Migrating pooled licenses to new ADM server

In this document, you’ll discover how to migrate Citrix ADM Application Delivery Management on-premises to Citrix ADM service. Migrating to cloud resources modernizes your deployment, providing enhanced elasticity, scalability, and management. The guidance documented here is based on deployment i...

(Pwn2Own) VMware Workstation UHCI Component Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Fedora: Security Advisory for xen (FEDORA-2023-d28433ead1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: xen-4.17.0-9.fc38

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Update now: Critical flaw in VMWare Fusion and VMWare Workstation

Four vulnerabilities in virtualisation software have been fixed by VMware, including two which were exploited at the 20223 Pwn2Own contest. Three have been given the severity rating "Important", with the last CVE-2023-20869 is classed as "Critical". Success! @starlabssg used an uninitialized...

CVE-2022-42335

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...

DEBIAN-CVE-2022-42335

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...

ALPINE-CVE-2022-42335

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...

CVE-2022-42335

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...