January 2024 Security Update

Security Jan 26, 2024

New security updates are available for the only currently supported release of XCP-ng: 8.2 LTS.

📔
To update, follow this guide. You can also join the discussion on our community forum. Host reboots are necessary after this update.

📋 Summary

We've updated the Linux kernel in XCP-ng's control domain to fix a security issue. This problem allowed a guest with limited privileges to send special network packets that could crash the network system in XCP-ng.

At Vates, a few users reported this crash, but it only happened in very specific situations. We shared these issues in several places and found out that others were also experiencing similar problems. This led to more people in the community working together to find out what was causing the issue.

🔒 Fixed vulnerability

XSA-448:  CVE-2023-46838 - Linux: netback processing of zero-length transmit fragment. This bug let an unprivileged guest to cause a Denial of Service (DoS) attack on the host system by sending certain network packets to the backend, making it crash. This was especially seen when using pfSense with WireGuard, where it caused random crashes of the host system.

We want to thank Pratyush Yadav from AWS for his hard work in looking into this issue and collaborating with the Xen developers to fix it. His efforts helped get the solution included in the main Xen project.

Tags

David Morel

Hypervisor & Kernel Software Engineer at Vates and XCP-ng Security Coordinator. Open Source enthousiast, using IRC for everything. Raccoons lover.