Citrix Hypervisor Security Update

Article ID: CTX390511

Description

A security issue has been identified that affects Citrix Hypervisor.

This issue may allow privileged code in a guest VM to cause the host to crash or become unresponsive. The issue only affects systems with Intel CPUs where the malicious guest VM has had a physical PCI device assigned to it by the host administrator using the PCI passthrough feature.

The issue has the following identifier:

  • CVE-2022-26357

Customers who have not assigned a physical PCI device to a guest VM are not affected by this issue. Customers who are running on systems with only AMD CPUs are also not affected by this issue.
 

Instructions

Citrix has released hotfixes to address this issue. Citrix recommends that affected customers install these hotfixes as their patching schedule allows. The hotfixes can be downloaded from the following locations:

  • Citrix Hypervisor 8.2 CU1 LTSR: CTX376976 – https://support.citrix.com/article/CTX376976
  • Citrix Hypervisor 8.2: CTX376939 – https://support.citrix.com/article/CTX376939
  • Citrix XenServer 7.1 CU2 LTSR: CTX376940 – https://support.citrix.com/article/CTX376940
 

Additional Information

Date        Change
2022-04-05  Initial Publication