Fedora 42 : xen (2026-0c9aff64a5)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0c9aff64a5 advisory. oxenstored keeps quota related use counts across domain destruction XSA-483, CVE-2026-23556 Xenstored DoS via XSRESETWATCHES command XSA-484,...

PT-2026-35870

6 Xen Security Advisories 483 v2 CVE-2026-23556: oxenstored keeps quota related use counts across domain destruction https://t.co/C1Gujss3PN 484 v2 CVE-2026-23557: Xenstored DoS via XS RESET WATCHES command https://t.co/XE62vAFyR0 1/3...

oxenstored keeps quota related use counts across domain destruction

ISSUE DESCRIPTION When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota. IMPACT Over an extended period of time, new domains will b...

EUVD-2018-7348

Malware in sbrugna...

EUVD-2020-21850

Malware in sbrugna...

EUVD-2020-21854

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2022-42324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oxenstored 32-31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32t out of the ri...

Linux Distros Unpatched Vulnerability : CVE-2018-15470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple...

Linux Distros Unpatched Vulnerability : CVE-2020-29479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root nod...

Linux Distros Unpatched Vulnerability : CVE-2020-29486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored, a owner could give a node away. However, node ownership has...

Linux Distros Unpatched Vulnerability : CVE-2020-29482

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which...

SUSE CVE-2013-0215

oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xenstore ring during read operations, which allows guest OS users to cause a denial of service daemon crash and host-control outage, or memory consumption or obtain sensitive control-plane data by...

SUSE CVE-2013-4416

The Ocaml xenstored implementation oxenstored in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service domain shutdown via a large message reply...

SUSE CVE-2018-15470

An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not...

SUSE CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

SUSE CVE-2020-29482

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must access paths in guests' namespaces, necessarily usi...

SUSE CVE-2020-29484

An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that was specified when registering the watch. Any...

SUSE CVE-2020-29486

An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored, a owner could give a node away. However, node ownership has quota implications. Any guest can run another guest out of quota, or create an unbounded number of nodes owned by dom0, thus running...

CVE-2022-42324

Oxenstored 32-31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most...

CVE-2022-42324

Oxenstored 32-31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most...