Citrix XenServer Multiple Security Updates (CTX227185)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host: - CVE-2017-14316: (High) Missing NUMA node parameter verification. - CVE-2017-14318: (Medium) Missing check for grant table. - CVE-2017-14319: (High) insufficient grant unmapping checks for x86 PV guests.
Affected Software
Affected Software
XenServer versions 7.2, 7.1, 7.0, 6.5, 6.2.0, 6.0.2.
Solution
Solution
Apply the hotfix referenced in the advisory.