Article Details

Original Article Text

Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw

Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the "Reptar" high-severity flaw that affects Intel CPUs for desktop and server systems.

The Citrix Hypervisor (formerly XenServer) is an enterprise-level virtualization platform for deploying and managing virtualized environments.

The hotfixes address vulnerabilities tracked as CVE-2023-23583 and CVE-2023-46835. The former is a security issue that Intel disclosed yesterday and impacts the 'Ice Lake' (2019) and later processor generations.

Known as a 'Redundant Prefix Issue', the vulnerability involves the execution of a specific instruction (REP MOVSB) with a redundant REX prefix, potentially leading to system instability, crashes, or, in rare cases, privilege escalation.

Intel released microcode that corrects the problem and recommends a prompt update to mitigate this issue. However, the hardware maker also notes that the probability of real-world exploitation for CVE-2023-23583 is low.

"Although this is not an issue in the Citrix Hypervisor product itself, we have included updated Intel microcode to mitigate this CPU hardware issue," reads the advisory.

"This issue may allow unprivileged code in a guest VM to compromise that VM and, potentially, the host" - Intel

Google researchers, led by Tavis Ormandy, independently discovered Reptar a while back. Ormandy says that although it is known how to "corrupt the system state badly enough to cause machine check errors," a method to exploit the bug to achieve privilege escalation is still to be found.

The second vulnerability Citrix fixed is CVE-2023-46835, which impacts Citrix Hypervisor 8.2 CU1 LTSR. It could be exploited to allow malicious privileged code in a guest virtual machine (VM) to compromise an AMD-based host through a passed-through PCI device. This problem only impacts VM hosts that use an AMD CPU and also use PCI device passthrough.

Instructions on how to apply the hotfix for the above issues can be found on this webpage on Citrix's Knowledge Center.

Daily Brief Summary

CYBERCRIME // Citrix Hypervisor Patched to Thwart "Reptar" CPU Vulnerability

Citrix has issued hotfixes for Citrix Hypervisor targeting two vulnerabilities, including a high-severity Intel CPU flaw known as "Reptar".

The addressed vulnerabilities are identified as CVE-2023-23583, affecting Ice Lake and later Intel processor generations, and CVE-2023-46835, specific to Citrix Hypervisor 8.2 with certain AMD CPUs.

CVE-2023-23583, disclosed by Intel, could cause system crashes or privilege escalation, although the likelihood of exploitation is deemed low.

The flaw could allow guest VM code to compromise the VM and potentially the host system.

CVE-2023-46835 concerns a scenario where privileged code in a guest VM might compromise an AMD-based host via a passed-through PCI device.

The hotfixes also include updated Intel microcode to mitigate the Intel CPU hardware issue (CVE-2023-23583).

Detailed instructions for applying the hotfixes are available on Citrix's Knowledge Center.