About Citrix vulnerabilities (CVE-2021-28704 & CVE-2021-28707) 13th Jan 2022

Preface: Virtual memory settings can often be controlled through the OS. In addition, RAM uses swapping techniques, while virtual memory uses paging. While physical memory is limited to the size of the RAM chip, virtual memory is limited by the size of the hard disk.

Background: When you create a VM, a fixed amount of memory is allocated to the VM. You can use Dynamic Memory Control (DMC) to improve the utilization of physical memory in your Citrix Hypervisor environment. DMC is a memory management feature that enables dynamic reallocation of memory between VMs.

The QEMU component is a superset of the QEMU device model present in Xen. In KVM, the QEMU binary directly takes care of talking to the hypervisor to create the guest domain. In Xen, the QEMU binary merely provides the I/O emulation, while XenD takes care of actually creating the domain.

DomU, it is an unprivileged domain with (by default) no access to the hardware. It must run a FrontendDriver for multiplexed hardware it wishes to share with other domains. In Dom0, the kernel for a DomU comes from Dom0’s filesystem, not from the filesystem exported to the DomU.

Vulnerability details: Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to take control of an affected system. For more details, please refer to the link – https://support.citrix.com/article/CTX335432

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.