CVE-2024-5661 Potential Denial of Service affecting XenServer and Citrix Hypervisor

2024-06-1305:58:45

Citrix

github.com

cve-2024-5661

denial of service

xenserver

citrix hypervisor

guest vm

host issue

AI Score

6.8

Confidence

Low

EPSS

Percentile

9.0%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive.

CNA Affected

[
  {
    "vendor": "Citrix",
    "product": "Citrix Hypervisor",
    "versions": [
      {
        "status": "affected",
        "version": "8",
        "versionType": "patch",
        "lessThanOrEqual": "0"
      },
      {
        "status": "affected",
        "version": "8.2 CU1 LTSR",
        "versionType": "hotfix",
        "lessThanOrEqual": "XS82ECU1068"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Citrix",
    "product": "XenServer",
    "versions": [
      {
        "status": "affected",
        "version": "8",
        "versionType": "patch",
        "lessThanOrEqual": "0"
      },
      {
        "status": "affected",
        "version": "8.2 CU1 LTSR",
        "versionType": "hotfix",
        "lessThanOrEqual": "XS82ECU1068"
      }
    ],
    "defaultStatus": "unaffected"
  }
]