Citrix Hypervisor Security Update

book

Article ID: CTX341586

calendar_today

Updated On:

Description

An issue has been identified in AMD CPU hardware that may allow code in a guest VM to infer the value of in-memory data in other guest VMs. Although this is not an issue in the Citrix Hypervisor product itself, Citrix is releasing hotfixes that include mitigations for this hardware issue.

This issue has the following identifier:

CVE-2021-26401

Customers who are running on systems with only Intel CPUs are not affected by this AMD CPU issue.

Instructions

Citrix has released hotfixes to address this issue. Citrix recommends that affected customers install these hotfixes as their patching schedule allows. The hotfixes can be downloaded from the following locations:
Citrix Hypervisor 8.2 CU1 LTSR: CTX341439 – https://support.citrix.com/article/CTX341439
Citrix Hypervisor 8.2: CTX341440 – https://support.citrix.com/article/CTX341440
Citrix XenServer 7.1 CU2 LTSR: CTX341438 – https://support.citrix.com/article/CTX341438

Additional Information

Date	Change
2022-03-08	Initial Publication

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"