The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Citrix Hypervisor

threat alert CVE-2019-18420

Xen: assertion error via VCPUOP_initialise

Synthesis of the vulnerability

An attacker, inside a guest system, can force an assertion error via VCPUOP_initialise() of Xen, in order to trigger a denial of service on the host system.
Severity: 1/4.
Creation date: 31/10/2019.
Identifiers: CERTFR-2019-AVI-541, CERTFR-2019-AVI-543, CTX263477, CVE-2019-18420, openSUSE-SU-2019:2506-1, SUSE-SU-2019:2960-1, SUSE-SU-2019:2961-1, SUSE-SU-2019:2962-1, VIGILANCE-VUL-30757, XSA-296.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can force an assertion error via VCPUOP_initialise() of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

cybersecurity bulletin CVE-2018-12126 CVE-2018-12127 CVE-2018-12130

Intel processors: information disclosure via performance measurement

Synthesis of the vulnerability

An attacker can measure performances of his process, in order to get sensitive information about other process or, if the host is virtualized, about other guest systems.
Severity: 1/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 15/05/2019.
Revision date: 15/05/2019.
Identifiers: 1074268, 1103481, CERTFR-2019-AVI-209, CERTFR-2019-AVI-211, CERTFR-2019-AVI-212, CERTFR-2019-AVI-213, CERTFR-2019-AVI-215, CERTFR-2019-AVI-217, CERTFR-2019-AVI-229, CERTFR-2019-AVI-230, CERTFR-2019-AVI-233, CERTFR-2019-AVI-311, CERTFR-2019-AVI-458, CERTFR-2019-AVI-489, CTX251995, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, DLA-1787-1, DLA-1789-1, DLA-1789-2, DLA-1799-1, DLA-1799-2, DSA-4444-1, DSA-4447-1, DSA-4447-2, FEDORA-2019-0731828893, FEDORA-2019-1f5832fc0e, FEDORA-2019-640f8d8dd1, FEDORA-2019-6458474bf2, FEDORA-2019-c36afa818c, FEDORA-2019-e6bf55e821, FEDORA-2019-eb08fb0c5f, FG-IR-18-002, FreeBSD-SA-19:07.mds, FreeBSD-SA-19:26.mcu, HPESBHF03933, INTEL-SA-00233, openSUSE-SU-2019:1402-1, openSUSE-SU-2019:1403-1, openSUSE-SU-2019:1404-1, openSUSE-SU-2019:1405-1, openSUSE-SU-2019:1407-1, openSUSE-SU-2019:1408-1, openSUSE-SU-2019:1419-1, openSUSE-SU-2019:1420-1, openSUSE-SU-2019:1468-1, openSUSE-SU-2019:1505-1, openSUSE-SU-2019:1805-1, openSUSE-SU-2019:1806-1, PAN-SA-2019-0012, RHSA-2019:1155-01, RHSA-2019:1167-01, RHSA-2019:1168-01, RHSA-2019:1169-01, RHSA-2019:1170-01, RHSA-2019:1171-01, RHSA-2019:1172-01, RHSA-2019:1174-01, RHSA-2019:1175-01, RHSA-2019:1176-01, RHSA-2019:1177-01, RHSA-2019:1178-01, RHSA-2019:1180-01, RHSA-2019:1181-01, RHSA-2019:1182-01, RHSA-2019:1183-01, RHSA-2019:1184-01, RHSA-2019:1185-01, RHSA-2019:1186-01, RHSA-2019:1187-01, RHSA-2019:1188-01, RHSA-2019:1189-01, RHSA-2019:1190-01, RHSA-2019:1193-01, RHSA-2019:1194-01, RHSA-2019:1195-01, RHSA-2019:1196-01, RHSA-2019:1197-01, RHSA-2019:1198-01, SB10292, SSA-608355, SSA-616472, SUSE-SU-2019:1235-1, SUSE-SU-2019:1236-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, SUSE-SU-2019:1240-1, SUSE-SU-2019:1241-1, SUSE-SU-2019:1242-1, SUSE-SU-2019:1243-1, SUSE-SU-2019:1244-1, SUSE-SU-2019:1245-1, SUSE-SU-2019:1248-1, SUSE-SU-2019:1268-1, SUSE-SU-2019:1269-1, SUSE-SU-2019:1272-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:1296-1, SUSE-SU-2019:1313-1, SUSE-SU-2019:1347-1, SUSE-SU-2019:1348-1, SUSE-SU-2019:1349-1, SUSE-SU-2019:1356-1, SUSE-SU-2019:1371-1, SUSE-SU-2019:14048-1, SUSE-SU-2019:14051-1, SUSE-SU-2019:14052-1, SUSE-SU-2019:14063-1, SUSE-SU-2019:14133-1, SUSE-SU-2019:1423-1, SUSE-SU-2019:1438-1, SUSE-SU-2019:1452-1, SUSE-SU-2019:1490-1, SUSE-SU-2019:1547-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1909-1, SUSE-SU-2019:1910-1, SUSE-SU-2019:1954-1, SUSE-SU-2019:2430-1, Synology-SA-19:24, USN-3977-1, USN-3977-2, USN-3977-3, USN-3978-1, USN-3979-1, USN-3980-1, USN-3981-1, USN-3981-2, USN-3982-1, USN-3982-2, USN-3983-1, USN-3983-2, USN-3984-1, USN-3985-1, USN-3985-2, VIGILANCE-VUL-29300, VMSA-2019-0008, XSA-297, ZombieLoad.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can measure performances of his process, in order to get sensitive information about other process or, if the host is virtualized, about other guest systems.
Full Vigil@nce bulletin... (Free trial)

weakness CVE-2019-17348

Xen: denial of service via Insufficient TLB Flushing

Synthesis of the vulnerability

An attacker, inside a guest system, can trigger a fatal error via Insufficient TLB Flushing of Xen, in order to trigger a denial of service on the host system.
Severity: 2/4.
Creation date: 05/03/2019.
Identifiers: CERTFR-2019-AVI-089, CTX246572, CVE-2019-17348, FEDORA-2019-bce6498890, SUSE-SU-2019:2783-1, VIGILANCE-VUL-28663, XSA-294.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can trigger a fatal error via Insufficient TLB Flushing of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

computer weakness announce CVE-2019-17347

Xen: privilege escalation via PV Kernel Context Switch

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via PV Kernel Context Switch of Xen, in order to escalate his privileges on the host system.
Severity: 2/4.
Creation date: 05/03/2019.
Identifiers: CERTFR-2019-AVI-089, CTX246572, CVE-2019-17347, FEDORA-2019-bce6498890, SUSE-SU-2019:2783-1, VIGILANCE-VUL-28662, XSA-293.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via PV Kernel Context Switch of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

computer weakness CVE-2019-17346

Xen: privilege escalation via Insufficient TLB Flushing

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system.
Severity: 2/4.
Creation date: 05/03/2019.
Identifiers: CERTFR-2019-AVI-089, CTX246572, CVE-2019-17346, FEDORA-2019-bce6498890, SUSE-SU-2019:2783-1, VIGILANCE-VUL-28661, XSA-292.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2019-17342

Xen: privilege escalation via Steal_page Page_struct Access Discipline

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Steal_page Page_struct Access Discipline of Xen, in order to escalate his privileges on the host system.
Severity: 2/4.
Creation date: 05/03/2019.
Identifiers: CERTFR-2019-AVI-089, CTX246572, CVE-2019-17342, FEDORA-2019-bce6498890, SUSE-SU-2019:2783-1, VIGILANCE-VUL-28657, XSA-287.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Steal_page Page_struct Access Discipline of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-19965

Xen: denial of service via INVPCID Non-canonical Addresses

Synthesis of the vulnerability

An attacker, inside a guest system, can generate a fatal error via INVPCID Non-canonical Addresses of Xen, in order to trigger a denial of service on the host system.
Severity: 2/4.
Creation date: 21/11/2018.
Identifiers: CERTFR-2018-AVI-564, CERTFR-2018-AVI-566, CTX239432, CVE-2018-19965, DSA-4369-1, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, FEDORA-2019-bce6498890, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, openSUSE-SU-2019:1226-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, SUSE-SU-2019:0020-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:13921-1, SUSE-SU-2019:14011-1, VIGILANCE-VUL-27846, XSA-279.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can generate a fatal error via INVPCID Non-canonical Addresses of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

computer threat CVE-2018-19961 CVE-2018-19962

Xen: privilege escalation via Insufficient AMD IOMMU TLB Flushing

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 21/11/2018.
Identifiers: CERTFR-2018-AVI-564, CERTFR-2018-AVI-566, CTX239432, CVE-2018-19961, CVE-2018-19962, DLA-1949-1, DSA-4369-1, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, FEDORA-2019-bce6498890, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, openSUSE-SU-2019:1226-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, SUSE-SU-2019:0020-1, SUSE-SU-2019:0825-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:13921-1, SUSE-SU-2019:14011-1, VIGILANCE-VUL-27843, XSA-275.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-18883

Xen: NULL pointer dereference via Disabled Nested VT-x

Synthesis of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via Disabled Nested VT-x of Xen, in order to trigger a denial of service on the host system.
Severity: 2/4.
Creation date: 25/10/2018.
Identifiers: CERTFR-2018-AVI-514, CERTFR-2018-AVI-520, CTX239100, CVE-2018-18883, FEDORA-2018-2fde555d91, FEDORA-2018-73dd8de892, FEDORA-2018-a24754252a, FEDORA-2018-f20a0cead5, FEDORA-2019-3e89502cb1, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, VIGILANCE-VUL-27614, XSA-278.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via Disabled Nested VT-x of Xen, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

security threat CVE-2018-14007

Xen: privilege escalation via XAPI

Synthesis of the vulnerability

An attacker can bypass restrictions via XAPI of Xen, in order to escalate his privileges.
Severity: 3/4.
Creation date: 16/08/2018.
Identifiers: CERTFR-2018-AVI-388, CERTFR-2018-AVI-391, CTX236548, CVE-2018-14007, VIGILANCE-VUL-27005, XSA-271.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via XAPI of Xen, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Citrix Hypervisor: