November 2020 Security Updates
Security updates are available for the two supported releases of XCP-ng: 8.0 and 8.1.
To update, follow this guide. You can also join the discussion on our community forum. Hosts reboot necessary after this update.
Related: Citrix Hypervisor Security Bulletin
Summary
Several security issues have been identified in Xen and in the Linux kernel's Xen support, that may allow:
- a PV guest VM to be compromised by unprivileged code running in that VM
- host crashes or unresponsiveness caused by privileged code in a guest VM
- memory corruption of the host or other VMs from an HVM guest VM with a PCI passthrough device.
These issues have been fixed in XCP-ng 8.1 (updated on November 30th) and partially fixed in XCP-ng 8.0 (updated on October 2nd).
List of issues and references
- CVE-2020-27670 (XSA-347) - Fixed in XCP-ng 8.0 and 8.1
- CVE-2020-27671 (XSA-346) - Fixed in XCP-ng 8.0 and 8.1
- CVE-2020-27672 (XSA-345) - Fixed in XCP-ng 8.0 and 8.1
- CVE-2020-27673 (XSA-332) - Fixed in XCP-ng 8.1
- CVE-2020-27674 (XSA-286) - Fixed in XCP-ng 8.0 and 8.1
- CVE-2020-27675 (XSA-331) - Fixed in XCP-ng 8.1
XCP-ng 8.0 end of life is coming soon
XCP-ng 8.0 will reach its end of life as soon as XCP-ng 8.2 is released. This is likely to happen within two weeks.
Exceptionally, there are two CVEs that were not fixed in XCP-ng 8.0. We advise users of this release to:
- Review the two CVEs and assess the risk (trusted vs untrusted workloads)
- Upgrade as soon as possible to a higher release of XCP-ng
Other updates
The batch of updates released at this occasion also contains a few bugfixes and enhancements.
XCP-ng 8.1
- Fix compatibility with XenDesktop
- Openflow support in the SDN controller
- DHCP requests from the host now properly send the hostname to the DHCP server
XCP-ng 8.0
- Support for backups with RAM in Xen Orchestra
- Openflow support in the SDN controller
- DHCP requests from the host now properly send the hostname to the DHCP server
