Citrix has released patches for two vulnerabilities affecting Citrix Hypervisor, one of them being the high-severity “Reptar” flaw that affects Intel processors for desktop and server systems.
Citrix Hypervisor (formerly XenServer) is an enterprise-level virtualization platform for deploying and managing virtualized environments.
The patches address vulnerabilities tracked as CVE-2023-23583 and CVE-2023-46835. The first is a security issue, disclosed by Intel yesterday, that affects “Ice Lake” (2019) and later generations of processors.
Known as the “redundant prefix issue,” the vulnerability involves executing a specific instruction (REP MOVSB) with a redundant REX prefix, potentially leading to system instability, crashes, or, in rare cases, an escalation of privileges.
Intel has released microcode that fixes the issue and recommends applying the update early. However, the hardware maker also notes that the likelihood of actual exploitation of CVE-2023-23583 is low.
“While this is not an issue in the Citrix Hypervisor product itself, we have included updated Intel microcode to alleviate this processor hardware issue,” the advisory reads.
“This issue may allow unprivileged code in a guest VM to compromise that VM and, potentially, the host” – Intel
Google researchers, led by Tavis Ormandy, discovered Reptar some time ago. Ormandy says that even if we know how to “corrupt the system state severely enough to cause machine check errors,” we still need to find a method to exploit the bug to achieve privilege escalation.
The second vulnerability patched by Citrix is CVE-2023-46835, which affects Citrix Hypervisor 8.2 CU1 LTSR. It could be exploited to allow malicious privileged code in a guest virtual machine (VM) to compromise an AMD-based host via a passed-through PCI device.
This issue only affects VM hosts that use an AMD processor and also use PCI device passthrough.
Instructions on how to apply the fix for the above issues are available on this Citrix Knowledge Center web page.