==================================================================== CERT-Renater Note d'Information No. 2020/VULN337 _____________________________________________________________________ DATE : 11/06/2020 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S):Systems running Citrix Hypervisor versions 8.1, 8.0, XenServer versions 7.1 LTSR Cumulative Update 2, 7.0. ===================================================================== https://support.citrix.com/article/CTX275165 _____________________________________________________________________ CTX275165 Citrix Hypervisor Security Updates Security Bulletin | High | Created: 09 Jun 2020 | Modified: 09 Jun 2020 Applicable Products Citrix Hypervisor 8.1 Citrix Hypervisor 8.0 XenServer 7.1 LTSR Cumulative Update 2 XenServer 7.0 Description of Problem Modern CPUs contain random number generators that provide entropy (randomness) to the software running on those processors to use for purposes such as generating cryptographic encryption keys. Software can obtain entropy by using the RDRAND and RDSEED instructions. A security issue has been identified in certain CPU hardware that may allow unprivileged code running on a host to observe the entropy provided by the CPU to other processes, virtual machines or the hypervisor that are, or have recently been, running, irrespective of whether they are running on the same processor core or thread. For example, if a process in one guest VM were to use the RDSEED instruction to get a random value to use as a secret encryption key, another process in a different VM might be able to observe the result of that RDSEED instruction and so determine the secret encryption key. This issue has the following identifier: CVE-2020-0543: Special Register Buffer Data Sampling Advisory Note that this issue only affects the confidentiality of the entropy returned by the CPU, not how random the value itself is. Note also that an attacker can only observe the entropy most recently returned by an RDSEED or RDRAND instruction on the system. If a further RDSEED or RDRAND instruction is executed on the system, the older result is no longer observable by an attacker. Although this is not a vulnerability in the Citrix Hypervisor (formerly Citrix XenServer) product, Citrix is providing hotfixes to mitigate this CPU issue. Hotfixes are available for all currently supported versions of Citrix Hypervisor up to and including Citrix Hypervisor 8.1. These hotfixes include updated CPU microcode which may have a noticeable performance impact on workloads that make significant use of RDRAND or RDSEED instructions. Mitigating Factors Only certain Intel CPUs are affected by this issue; customers are recommended to contact their hardware vendor to determine if their system is affected. Customers with only AMD CPUs are not affected by this issue. What Customers Should Do Hotfixes have been released to address these issues. Citrix recommends that affected customers install these hotfixes as soon as their patching schedule permits. The hotfixes can be downloaded from the following locations: Citrix Hypervisor 8.1: CTX272278 – https://support.citrix.com/article/CTX272278 Citrix Hypervisor 8.0: CTX272277 – https://support.citrix.com/article/CTX272277 Citrix XenServer 7.1 LTSR CU2: CTX272276 – https://support.citrix.com/article/CTX272276 Citrix XenServer 7.0: CTX272275 – https://support.citrix.com/article/CTX272275 What Citrix Is Doing Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/. Obtaining Support on This Issue If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.html. Reporting Security Vulnerabilities Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 – Reporting Security Issues to Citrix Changelog Date Change 2020-06-09 Initial Publication ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================