The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Citrix Hypervisor

vulnerability CVE-2018-12126 CVE-2018-12127 CVE-2018-12130

Intel processors: information disclosure via performance measurement

Synthesis of the vulnerability

An attacker can measure performances of his process, in order to get sensitive information about other process or, if the host is virtualized, about other guest systems.
Impacted products: XenServer, Debian, Fedora, FortiAnalyzer, FortiGate, FortiManager, FortiOS, FreeBSD, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 2019, Windows 7, Windows 8, Windows RT, OpenBSD, openSUSE Leap, PAN-OS, pfSense, RHEL, SIMATIC, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, ESXi, vCenter Server, VMware vSphere Hypervisor, Xen.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 4.
Creation date: 15/05/2019.
Revision date: 15/05/2019.
Identifiers: CERTFR-2019-AVI-209, CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-213, CERTFR-2019-AVI-215, CERTFR-2019-AVI-217, CERTFR-2019-AVI-229, CERTFR-2019-AVI-230, CERTFR-2019-AVI-233, CERTFR-2019-AVI-311, CTX251995, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, DLA-1787-1, DLA-1789-1, DLA-1789-2, DLA-1799-1, DLA-1799-2, DSA-4444-1, DSA-4447-1, DSA-4447-2, FEDORA-2019-0731828893, FEDORA-2019-1f5832fc0e, FEDORA-2019-640f8d8dd1, FEDORA-2019-6458474bf2, FEDORA-2019-c36afa818c, FEDORA-2019-e6bf55e821, FEDORA-2019-eb08fb0c5f, FG-IR-18-002, FreeBSD-SA-19:07.mds, INTEL-SA-00233, openSUSE-SU-2019:1402-1, openSUSE-SU-2019:1403-1, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1405-1, openSUSE-SU-2019:1407-1, openSUSE-SU-2019:1408-1, openSUSE-SU-2019:1419-1, openSUSE-SU-2019:1420-1, openSUSE-SU-2019:1468-1, openSUSE-SU-2019:1505-1, PAN-SA-2019-0012, RHSA-2019:1155-01, RHSA-2019:1167-01, RHSA-2019:1168-01, RHSA-2019:1169-01, RHSA-2019:1170-01, RHSA-2019:1171-01, RHSA-2019:1172-01, RHSA-2019:1174-01, RHSA-2019:1175-01, RHSA-2019:1176-01, RHSA-2019:1177-01, RHSA-2019:1178-01, RHSA-2019:1180-01, RHSA-2019:1181-01, RHSA-2019:1182-01, RHSA-2019:1183-01, RHSA-2019:1184-01, RHSA-2019:1185-01, RHSA-2019:1186-01, RHSA-2019:1187-01, RHSA-2019:1188-01, RHSA-2019:1189-01, RHSA-2019:1190-01, RHSA-2019:1193-01, RHSA-2019:1194-01, RHSA-2019:1195-01, RHSA-2019:1196-01, RHSA-2019:1197-01, RHSA-2019:1198-01, SSA-616472, SUSE-SU-2019:1235-1, SUSE-SU-2019:1236-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1243-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1248-1, SUSE-SU-2019:1268-1, SUSE-SU-2019:1269-1, SUSE-SU-2019:1272-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:1296-1, SUSE-SU-2019:1313-1, SUSE-SU-2019:1347-1, SUSE-SU-2019:1348-1, SUSE-SU-2019:1349-1, SUSE-SU-2019:1356-1, SUSE-SU-2019:1371-1, SUSE-SU-2019:14048-1, SUSE-SU-2019:14051-1, SUSE-SU-2019:14052-1, SUSE-SU-2019:14063-1, SUSE-SU-2019:1423-1, SUSE-SU-2019:1438-1, SUSE-SU-2019:1452-1, SUSE-SU-2019:1490-1, SUSE-SU-2019:1547-1, SUSE-SU-2019:1550-1, Synology-SA-19:24, USN-3977-1, USN-3977-2, USN-3977-3, USN-3978-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, USN-3982-1, USN-3982-2, USN-3983-1, USN-3983-2, USN-3984-1, USN-3985-1, USN-3985-2, VIGILANCE-VUL-29300, VMSA-2019-0008, XSA-297, ZombieLoad.

Description of the vulnerability

An attacker can measure performances of his process, in order to get sensitive information about other process or, if the host is virtualized, about other guest systems.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin 28663

Xen: denial of service via Insufficient TLB Flushing

Synthesis of the vulnerability

An attacker, inside a guest system, can trigger a fatal error via Insufficient TLB Flushing of Xen, in order to trigger a denial of service on the host system.
Impacted products: XenServer, Fedora, Xen.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 05/03/2019.
Identifiers: CERTFR-2019-AVI-089, CTX246572, FEDORA-2019-bce6498890, VIGILANCE-VUL-28663, XSA-294.

Description of the vulnerability

An attacker, inside a guest system, can trigger a fatal error via Insufficient TLB Flushing of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 28662

Xen: privilege escalation via PV Kernel Context Switch

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via PV Kernel Context Switch of Xen, in order to escalate his privileges on the host system.
Impacted products: XenServer, Fedora, Xen.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 05/03/2019.
Identifiers: CERTFR-2019-AVI-089, CTX246572, FEDORA-2019-bce6498890, VIGILANCE-VUL-28662, XSA-293.

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via PV Kernel Context Switch of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 28661

Xen: privilege escalation via Insufficient TLB Flushing

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system.
Impacted products: XenServer, Fedora, Xen.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server.
Provenance: user shell.
Creation date: 05/03/2019.
Identifiers: CERTFR-2019-AVI-089, CTX246572, FEDORA-2019-bce6498890, VIGILANCE-VUL-28661, XSA-292.

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 28657

Xen: privilege escalation via Steal_page Page_struct Access Discipline

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Steal_page Page_struct Access Discipline of Xen, in order to escalate his privileges on the host system.
Impacted products: XenServer, Fedora, Xen.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server.
Provenance: user shell.
Creation date: 05/03/2019.
Identifiers: CERTFR-2019-AVI-089, CTX246572, FEDORA-2019-bce6498890, VIGILANCE-VUL-28657, XSA-287.

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Steal_page Page_struct Access Discipline of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-19965

Xen: denial of service via INVPCID Non-canonical Addresses

Synthesis of the vulnerability

An attacker, inside a guest system, can generate a fatal error via INVPCID Non-canonical Addresses of Xen, in order to trigger a denial of service on the host system.
Impacted products: XenServer, Debian, Fedora, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 21/11/2018.
Identifiers: CERTFR-2018-AVI-564, CERTFR-2018-AVI-566, CTX239432, CVE-2018-19965, DSA-4369-1, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, FEDORA-2019-bce6498890, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, openSUSE-SU-2019:1226-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, SUSE-SU-2019:0020-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:13921-1, SUSE-SU-2019:14011-1, VIGILANCE-VUL-27846, XSA-279.

Description of the vulnerability

An attacker, inside a guest system, can generate a fatal error via INVPCID Non-canonical Addresses of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-19961 CVE-2018-19962

Xen: privilege escalation via Insufficient AMD IOMMU TLB Flushing

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system.
Impacted products: XenServer, Debian, Fedora, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 21/11/2018.
Identifiers: CERTFR-2018-AVI-564, CERTFR-2018-AVI-566, CTX239432, CVE-2018-19961, CVE-2018-19962, DSA-4369-1, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, FEDORA-2019-bce6498890, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, openSUSE-SU-2019:1226-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, SUSE-SU-2019:0020-1, SUSE-SU-2019:0825-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:13921-1, SUSE-SU-2019:14011-1, VIGILANCE-VUL-27843, XSA-275.

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2018-18883

Xen: NULL pointer dereference via Disabled Nested VT-x

Synthesis of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via Disabled Nested VT-x of Xen, in order to trigger a denial of service on the host system.
Impacted products: XenServer, Fedora, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Xen.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 25/10/2018.
Identifiers: CERTFR-2018-AVI-514, CERTFR-2018-AVI-520, CTX239100, CVE-2018-18883, FEDORA-2018-2fde555d91, FEDORA-2018-73dd8de892, FEDORA-2018-a24754252a, FEDORA-2018-f20a0cead5, FEDORA-2019-3e89502cb1, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, VIGILANCE-VUL-27614, XSA-278.

Description of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via Disabled Nested VT-x of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2018-14007

Xen: privilege escalation via XAPI

Synthesis of the vulnerability

An attacker can bypass restrictions via XAPI of Xen, in order to escalate his privileges.
Impacted products: XenServer, Xen.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: intranet client.
Creation date: 16/08/2018.
Identifiers: CERTFR-2018-AVI-388, CERTFR-2018-AVI-391, CTX236548, CVE-2018-14007, VIGILANCE-VUL-27005, XSA-271.

Description of the vulnerability

An attacker can bypass restrictions via XAPI of Xen, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2018-15471

Xen: privilege escalation via Linux Netback Driver

Synthesis of the vulnerability

An attacker can bypass restrictions via Linux Netback Driver of Xen, in order to escalate his privileges.
Impacted products: XenServer, Debian, Fedora, Linux, Ubuntu, Xen.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, data reading, denial of service on server.
Provenance: user shell.
Creation date: 16/08/2018.
Identifiers: CERTFR-2018-AVI-388, CERTFR-2018-AVI-391, CERTFR-2018-AVI-557, CTX236548, CVE-2018-15471, DLA-1715-1, DSA-4313-1, FEDORA-2018-79d7c3d2df, FEDORA-2018-8422d94975, USN-3819-1, USN-3820-1, USN-3820-2, USN-3820-3, VIGILANCE-VUL-27004, XSA-270.

Description of the vulnerability

An attacker can bypass restrictions via Linux Netback Driver of Xen, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Citrix Hypervisor: