Citrix Hypervisor: Attackers could crash virtual machines


Under certain conditions, attackers could incapacitate virtual machines (VM) implemented with Citrix Hypervisor on guest systems. A version secured against this has been released.

As a warning message shows, the developers have closed two vulnerabilities (CVE-2021-3416 “medium“, CVE-20257 „low“) closed. For attacks to be successful, an attacker must already have access to a guest VM and be able to execute privileged code. Details on specific attack scenarios are currently lacking. If an attack is successful, it leads to a DoS state. The VM will either crash or stop responding

This only affects the Citrix Hypervisor 8.2 LTSR edition. The developers state that the bugs in the Version 8.2 LTSR: CTX310674 to have got rid of the world.


To home page