Two vulnerabilities affecting the Citrix Hypervisor have been fixed by Citrix, with the “Reptar” high-severity issue affecting Intel CPUs in desktop and server systems being the target of one of the updates. An enterprise-level virtualization platform for setting up and maintaining virtualized systems is called Citrix Hypervisor (previously known as XenServer).
The vulnerabilities identified as CVE-2023-23583 and CVE-2023-46835 are addressed by the hotfixes. The first concerns a security flaw that Intel revealed yesterday, affecting the 2019 “Ice Lake” and subsequent chip generations. The vulnerability, which goes by the name “Redundant Prefix Issue,” occurs when a certain instruction (REP MOVSB) is executed with a redundant REX prefix. This can occasionally cause crashes, system instability, or privilege escalation.