Description of Problem
Several security issues have been identified that affect Citrix Hypervisor:
An issue has been identified that may allow privileged code in a PV guest VM to cause the host to crash. This issue has the following identifier:
An issue has been identified that may allow privileged code in a guest VM to cause the host to crash. This issue only affects systems where the malicious guest VM has had a physical PCI device assigned through to it by the host administrator using the PCI passthrough feature. This issue has the following identifier:
Intel has disclosed an issue that affects Intel CPU hardware together with corresponding microcode updates. Although this is not an issue in the Citrix Hypervisor product itself, Citrix is releasing hotfixes that include the updated microcode together with the product changes needed to support the new microcode. This issue has the following identifier:
An issue has been identified that may allow privileged code in a PV guest VM to cause the host to crash. This issue has the following identifier:
- CVE-2022-23034
An issue has been identified that may allow privileged code in a guest VM to cause the host to crash. This issue only affects systems where the malicious guest VM has had a physical PCI device assigned through to it by the host administrator using the PCI passthrough feature. This issue has the following identifier:
- CVE-2022-23035
Intel has disclosed an issue that affects Intel CPU hardware together with corresponding microcode updates. Although this is not an issue in the Citrix Hypervisor product itself, Citrix is releasing hotfixes that include the updated microcode together with the product changes needed to support the new microcode. This issue has the following identifier:
- CVE-2021-0145