Citrix XenServer Multiple Security Updates

A number of security vulnerabilities have been identified in Citrix XenServer. The following vulnerabilities have been addressed:

• CVE-2015-5621 (Medium): incorrectly handled SNMP PDU parsing failures
  This issue may allow a malicious attacker on the management network to attack the host SNMP daemon if it has been exposed through the firewall.
• CVE-2016-2271 (Low): VMX: guest user mode may crash guest with non-canonical RIP
  This issue may allow a malicious guest user to crash that guest.
• CVE-2016-3158/CVE-2016-3159 (Low): broken AMD FPU FIP/FDP/FOP leak workaround
  This issue may allow a malicious guest administrator to obtain low-value information from other VMs at a low rate.
• CVE-2016-3960 (Low): x86 shadow pagetables: address width overflow
  This issue may allow a malicious guest administrator to crash the host machine.

CVE-2015-5621 is only applicable to hosts where the SNMP service has been exposed. Citrix XenServer itself does not expose this service but the installation of host-manufacturer-specific supplementary packs may change this.

CVE-2016-2271 is only applicable to HVM guests running on Intel CPUs.

CVE-2016-3158/CVE-2016-3159 is only applicable to Citrix XenServer 6.5 SP1 running on AMD CPUs.

CVE-2016-3960 is only applicable to HVM guests running on systems which either do not support Hardware Assisted Paging (HAP) or where HAP has been explicitly disabled by the host administrator.

Hotfixes have been released to address these issues. Citrix recommends that affected customers install these hotfixes, which can be downloaded from the following locations:

Citrix XenServer 6.5 SP1: CTX209498 – https://support.citrix.comhttp://support.ctx.org.cn/CTX209498.citrix

Citrix XenServer 6.2 SP1: CTX209497 – https://support.citrix.comhttp://support.ctx.org.cn/CTX209497.citrix

Citrix XenServer 6.1: CTX209496 – https://support.citrix.comhttp://support.ctx.org.cn/CTX209496.citrix

Citrix XenServer 6.0.2: CTX209494 – https://support.citrix.comhttp://support.ctx.org.cn/CTX209494.citrix

Citrix XenServer 6.0.2 Common Criteria: CTX209495 – https://support.citrix.comhttp://support.ctx.org.cn/CTX209495.citrix

Citrix XenServer 6.0: CTX209493 – https://support.citrix.comhttp://support.ctx.org.cn/CTX209493.citrix

??

??

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at?? /.

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at?? http://www.citrix.com/site/ss/supportContacts.asp.

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 –?? Reporting Security Issues to Citrix