Citrix Systems on Wednesday issued hotfixes for its XenServer hypervisor product, fixing vulnerabilities that attackers could exploit to remotely compromise a host compromise or cause a denial of service condition.
The host compromise bug (CVE-2016-2074), is an MPLS buffer overflow vulnerability in the Open vSwitch distributed virtual multilayer switch that affects XenServer versions 7.0 and 7.1 CUI 1, Citrix revealed in an online notification.
Citrix also reported that the denial of service problem stems from two flaws affecting all XenServer versions prior to 7.4: a “non-preemptable L3/L4 pagetable freeing” (CVE-2018-7540) and a “grant table v2 -> v1 transition” that can cause a crash (CVE-2018-7541).
Citrix’s hotfixes are meant specifically for versions 7.0 – 7.3. The company says it is still working on remediating the DoS issues for older releases that are “end of maintenance” but not “end of life.”