November 2020 Security Updates
Security updates are available for the two supported releases of XCP-ng: 8.0 and 8.1.
To update, follow this guide. You can also join the discussion on our community forum. A host reboot is necessary after this update.
Related: Citrix Hypervisor Security Bulletin
Summary
Several security issues have been identified in Xen and in the Linux kernel's Xen support. They may allow:
- a PV guest VM to be compromised by unprivileged code running in that VM
- host crashes or unresponsiveness caused by privileged code in a guest VM
- memory corruption of the host or other VMs from an HVM guest VM with a PCI passthrough device
These issues have been fixed in XCP-ng 8.1 (updated on November 30th) and partially fixed in XCP-ng 8.0 (updated on October 2nd).
List of issues and references
- CVE-2020-27670 (XSA-347) - Fixed in XCP-ng 8.0 and 8.1
- CVE-2020-27671 (XSA-346) - Fixed in XCP-ng 8.0 and 8.1
- CVE-2020-27672 (XSA-345) - Fixed in XCP-ng 8.0 and 8.1
- CVE-2020-27673 (XSA-332) - Fixed in XCP-ng 8.1
- CVE-2020-27674 (XSA-286) - Fixed in XCP-ng 8.0 and 8.1
- CVE-2020-27675 (XSA-331) - Fixed in XCP-ng 8.1
XCP-ng 8.0 end of life is coming soon
XCP-ng 8.0 will reach its end of life as soon as XCP-ng 8.2 is released. This is likely to happen within two weeks.
Exceptionally, two of these CVEs were not fixed in XCP-ng 8.0. We advise users of this release to:
- Review the two CVEs and assess the risk (trusted vs untrusted workloads)
- Upgrade as soon as possible to a higher release of XCP-ng
Other updates
The batch of updates released on this occasion also contains a few bugfixes and enhancements.
XCP-ng 8.1
- Fix compatibility with XenDesktop
- OpenFlow support in the SDN controller
- DHCP requests from the host now properly send the hostname to the DHCP server
XCP-ng 8.0
- Support for backups with RAM in Xen Orchestra
- OpenFlow support in the SDN controller
- DHCP requests from the host now properly send the hostname to the DHCP server