Rewterz Threat Alert – Russian APT Gamaredon Using Template Injection
April 1, 2021Rewterz Threat Advisory – ICS: Rockwell Automation FactoryTalk AssetCentre Multiple Vulnerabilities
April 2, 2021Rewterz Threat Alert – Russian APT Gamaredon Using Template Injection
April 1, 2021Rewterz Threat Advisory – ICS: Rockwell Automation FactoryTalk AssetCentre Multiple Vulnerabilities
April 2, 2021Severity
High
Analysis Summary
CVE-2021-28038
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver.
CVE-2021-28688
A malicious or buggy frontend driver may be able to cause resource leaksfrom the corresponding backend driver. This can result in a host-wideDenial of Service.
Impact
Denial of Service
Affected Vendors
Citrix
Affected Products
Citrix Hypervisor all versions
Remediation
Citrix recommends users to apply patches as soon as possible.