Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw

Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the “Reptar” high-severity flaw that affects Intel CPUs for desktop and server systems.

The Citrix Hypervisor (formerly XenServer) is an enterprise-level virtualization platform for deploying and managing virtualized environments.

The hotfixes address vulnerabilities tracked as CVE-2023-23583 and CVE-2023-46835. The former is a security issue that Intel disclosed yesterday and impacts the ‘Ice Lake’ (2019) and later processor generations.

Known as a ‘Redundant Prefix Issue’, the vulnerability involves the execution of a specific instruction (REP MOVSB) with a redundant REX prefix, potentially leading to system instability, crashes, or, in rare cases, privilege escalation.

Intel released microcode that corrects the problem and recommends a prompt update to mitigate this issue. However, the hardware maker also notes that the probability of real-world exploitation for CVE-2023-23583 is low.

“Although this is not an issue in the Citrix Hypervisor product itself, we have included updated Intel microcode to mitigate this CPU hardware issue,” reads the advisory.

“This issue may allow unprivileged code in a guest VM to compromise that VM and, potentially, the host” – Intel

Google researchers, led by Tavis Ormandy, independently discovered Reptar a while back. Ormandy says that although it is known how to “corrupt the system state badly enough to cause machine check errors,” a method to exploit the bug to achieve privilege escalation is still to be found.

The second vulnerability Citrix fixed is CVE-2023-46835, which impacts Citrix Hypervisor 8.2 CU1 LTSR. It could be exploited to allow malicious privileged code in a guest virtual machine (VM) to compromise an AMD-based host through a passed-through PCI device.

This problem only impacts VM hosts that use an AMD CPU and also use PCI device passthrough.

Instructions on how to apply the hotfix for the above issues can be found on this webpage on Citrix’s Knowledge Center.

