Security updates are available for the two supported releases of XCP-ng: 8.0 and 8.1.

To update, follow this guide. You can also join the discussion on our community forum. A host reboot is required after applying these updates.

Related: Citrix Hypervisor Security Bulletin


Multiple Xen security issues

Several security issues were discovered and fixed in the Xen hypervisor, which is at the core of XCP-ng.

  • Impact: privileged code running in a guest VM may manage to crash the host or make it unresponsive. Additionally, unprivileged code running in a PV guest VM may be able to crash the VM.
  • Vulnerable systems: any unpatched XCP-ng host.
  • Resolution: Update your hosts and reboot.