Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2026/06/01 1:29 p.m.12 views

CVE-2026-23557

A flaw was found in xenstored, a component of Xen. Any guest operating system can cause xenstored to crash by issuing an XSRESETWATCHES command within a transaction, leading to a denial of service DoS. This occurs due to an assertion assert triggering, which can halt the xenstored process...

6.5CVSS5.7AI score0.00158EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 2:16 p.m.13 views

CVE-2026-23557

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

6.5CVSS0.00158EPSS
Exploits0References3
OSV
OSV
added 2026/05/19 2:16 p.m.3 views

ALPINE-CVE-2026-23557

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 12:49 p.m.11 views

EUVD-2026-30925

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 12:49 p.m.40 views

CVE-2026-23557 Xenstored DoS via XS_RESET_WATCHES command

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

0.00158EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 12:49 p.m.29 views

CVE-2026-23557

CVE-2026-23557 affects xenstored. Any guest can crash xenstored by issuing XS_RESET_WATCHES within a transaction due to an assert(); behavior depends on NDEBUG (assert() disabled when NDEBUG is defined). Local attack vector with low privileges and no user interaction, resulting in a high availabi...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 12:49 p.m.8 views

CVE-2026-23557

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/19 12:49 p.m.7 views

CVE-2026-23557

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

6.5CVSS5.8AI score0.00158EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/05/07 7:15 a.m.6 views

Security update for xen

This update for xen fixes the following issues: Update to Xen 4.20.3 bug fix release bsc1027519 jscPED-8907. CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v...

7.8CVSS5.8AI score0.00191EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2026/05/05 8:3 a.m.6 views

Security update for xen

This update for xen fixes the following issues: CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...

7.8CVSS5.8AI score0.00191EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.5 views

Fedora 43 : xen (2026-78cd69d9ae)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-78cd69d9ae advisory. oxenstored keeps quota related use counts across domain destruction XSA-483, CVE-2026-23556 Xenstored DoS via XSRESETWATCHES command XSA-484,...

7.8CVSS5.9AI score0.00191EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/04/29 11:6 a.m.4 views

Security update for xen

This update for xen fixes the following issues: CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...

7.8CVSS5.2AI score0.00191EPSS
Exploits0References12
OSV
OSV
added 2026/04/29 11:6 a.m.2 views

SUSE-SU-2026:1657-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. - CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. - CVE-2026-23558: grant table v2 race in status page mapping bsc1262180...

7.8CVSS5.2AI score0.00191EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.6 views

PT-2026-35870

6 Xen Security Advisories 483 v2 CVE-2026-23556: oxenstored keeps quota related use counts across domain destruction https://t.co/C1Gujss3PN 484 v2 CVE-2026-23557: Xenstored DoS via XS RESET WATCHES command https://t.co/XE62vAFyR0 1/3...

5.1AI score0.00158EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/04/28 2:46 p.m.4 views

Security update for xen

This update for xen fixes the following issues: CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...

7.8CVSS5.3AI score0.00191EPSS
Exploits0References12
OSV
OSV
added 2026/04/28 2:46 p.m.2 views

SUSE-SU-2026:1645-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. - CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. - CVE-2026-23558: grant table v2 race in status page mapping bsc1262180...

7.8CVSS5.2AI score0.00191EPSS
Exploits0References7
Xen Project
Xen Project
added 2026/04/28 12:0 p.m.9 views

Xenstored DoS via XS_RESET_WATCHES command

ISSUE DESCRIPTION Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define...

6.5CVSS5.3AI score0.00158EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.2 views

SUSE CVE-2020-29485

An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...

5.5CVSS6.5AI score0.004EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.5 views

The vulnerability of Xen hypervisors, related to memory release errors, allows a hacker to cause a service failure.

The vulnerability of the Xen hypervisor implementation is related to memory release errors. Exploiting this vulnerability can allow an attacker to cause a service failure by using the XSRESETWATCHES request...

5.5CVSS5.9AI score0.004EPSS
Exploits0References7Affected Software4
Xen Project
Xen Project
added 2020/12/15 12:0 p.m.58 views

oxenstored memory leak in reset_watches

ISSUE DESCRIPTION When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. IMPACT A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. VULNERABLE SYSTEMS All version of Xen since 4.6 are vulnerable. Only systems using the Ocaml...

5.5CVSS2.7AI score0.004EPSS
Exploits0Affected Software1
Rows per page
Query Builder