Citrix has closed vulnerabilities in its virtualization products with updates. Citrix Workspace app for Linux and Citrix Hypervisor are affected.
In Workspace app for Linux, a vulnerability (CVE-2022-21825) allows local users to escalate their privileges to root. Workspace app for Linux versions 2012 through 2111 are affected, and only if the App Protection component is installed. Citrix's security bulletin does not say whether App Protection is part of a default installation; no platform other than Linux is affected. Citrix nevertheless rates the severity of the vulnerability as "high".
Citrix rates the hypervisor vulnerabilities as "medium": an attacker running privileged code inside a guest virtual machine could exploit them to crash the host or make it unresponsive (CVE-2021-28704, CVE-2021-28705, CVE-2021-28714, CVE-2021-28715). According to Citrix's advisory, all currently supported hypervisor versions are affected.
Updated software available
The privilege escalation vulnerability is closed in Workspace app for Linux 2112 and later, Citrix writes in its bulletin. Hotfixes close the hypervisor vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR, Citrix Hypervisor 8.2 and XenServer 7.1 LTSR CU2; Citrix links the downloads in the security advisory.
For Workspace app for Linux, Citrix advises administrators and IT security officers to install the update as soon as possible. The hypervisor, by contrast, should be updated as their patch schedule allows.
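Because the Workspace app issue only applies to a version range (2012 through 2111) and only when App Protection is installed, fleet triage needs both facts per endpoint. The following helper is an added example for this article, not Citrix code: it normalises the YYMM release names the advisory uses and the YY.MM.x.y package version strings that Linux package managers report (the mapping between the two forms is an assumption here, verify it against your own packages), then classifies each endpoint. The inventory is constructed sample data.

```python
"""Triage helper for CVE-2022-21825 (Citrix Workspace app for Linux).

Added example, not Citrix code. Assumes:
  - the YYMM release naming used in the advisory (2012..2111 affected, 2112 fixed);
  - that package versions such as "21.11.0.23" belong to release 2111
    (assumption: confirm against the packages actually deployed).
"""
import re
from dataclasses import dataclass

AFFECTED_MIN = 2012   # first affected release per the advisory
AFFECTED_MAX = 2111   # last affected release per the advisory
FIXED = 2112          # first release carrying the fix


def normalize_version(v: str) -> int:
    """Map '2111' or '21.11.0.23' to the integer YYMM value 2111.

    Raises ValueError for anything that is not one of these two forms.
    """
    v = v.strip()
    m = (re.fullmatch(r"(\d{2})(\d{2})", v)
         or re.fullmatch(r"(\d{2})\.(\d{1,2})(?:\.\d+)*", v))
    if not m:
        raise ValueError(f"unrecognised Workspace app version: {v!r}")
    yy, mm = int(m.group(1)), int(m.group(2))
    if not 1 <= mm <= 12:
        raise ValueError(f"month out of range in version: {v!r}")
    return yy * 100 + mm


@dataclass
class Endpoint:
    host: str
    version: str          # as reported by dpkg/rpm or the release name
    app_protection: bool  # whether the App Protection component is installed


def assess(ep: Endpoint) -> str:
    """Classify one endpoint against the advisory's conditions."""
    yymm = normalize_version(ep.version)
    if yymm >= FIXED:
        return "fixed"
    if yymm < AFFECTED_MIN:
        # Older than anything the advisory lists; treat as out of support
        # and verify manually rather than assume it is safe.
        return "older-than-listed"
    if not ep.app_protection:
        # Affected build, but the advisory's precondition is absent.
        # Still schedule the update; installing App Protection later
        # would make the host exploitable.
        return "precondition-absent"
    return "vulnerable"


def triage(inventory):
    """Return {host: status} for a list of Endpoint records."""
    return {ep.host: assess(ep) for ep in inventory}


# Constructed sample inventory (not real hosts).
SAMPLE_INVENTORY = [
    Endpoint("lx-desk-01", "21.11.0.23", True),
    Endpoint("lx-desk-02", "2105", False),
    Endpoint("lx-desk-03", "2112", True),
    Endpoint("lx-kiosk-07", "2009", True),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12s} {status}")
```

Hosts reported as "vulnerable" are the ones Citrix's "as soon as possible" guidance applies to; "precondition-absent" hosts carry the affected code and should be on the same update list, only with less urgency.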