Citrix released CTX140814 to address a denial of service (DoS) vulnerability on Windows virtual machines with the XenServer tools installed. Should I install CTX140814 on my Amazon EC2 instances running Windows with the Citrix XenServer tools installed?

This vulnerability has been assigned CVE number CVE-2014-3798: XenServer tools network-based DoS vulnerability. This vulnerability targets a feature known as VLAN tagging, which is used to insert information (tags) into packet headers (frames) on Ethernet networks to identify which virtual local area network (VLAN) the associated packet should be sent to.

Amazon EC2 does not use VLAN tagging, therefore this vulnerability does not affect Amazon EC2 instances running Windows.

Citrix, VLAN tagging, hotfix, vulnerability, XenServer Tools, Denial of Service, virtual, Windows

Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2016-03-01