On September 7th, Citrix released support article CTX325319 which outlines five security vulnerabilities that impact Citrix Hypervisor (formerly XenServer). These vulnerabilities impact all versions of Citrix Hypervisor and could allow an attacker to further compromise or crash a host via privileged code in a guest VM.
Citrix has release hotfixes to address these vulnerabilities for Citrix Hypervisor 8.2 LTSR and 7.1 LTSR. Information on obtaining and applying these patches can be found below.
It is important to note that the hotfixes listed above do contain additional previously released hotfixes and do require a reboot after installation.
Organizations should apply the CTX325319 hotfix as soon as possible to their environment.
If your organization need assistance updating your Citrix Hypervisor installations reach out to Xenwerx or another Citrix Partner.
The original Citrix CTX article can be found here.