When oxenstored is tearing a domain down, the node data is cleaned up
but the usage counts are leaked.
When the domain ID is eventually reused, the new domain can create fewer
nodes before beeing deemed to be over quota.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://xenbits.xen.org/xsa/advisory-483.html |
|
History
Thu, 09 Jul 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota. | |
| Title | oxenstored keeps quota related use counts across domain destruction | |
| Weaknesses | CWE-281 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: XEN
Published:
Updated: 2026-07-09T15:37:46.026Z
Reserved: 2026-01-14T13:07:36.961Z
Link: CVE-2026-23556
Updated: 2026-07-09T15:06:25.267Z
No data.
No data.
OpenCVE Enrichment
No data.