3 matches found
CVE-2026-23557
CVE-2026-23557 affects xenstored. Any guest can crash xenstored by issuing XS_RESET_WATCHES within a transaction due to an assert(); behavior depends on NDEBUG (assert() disabled when NDEBUG is defined). Local attack vector with low privileges and no user interaction, resulting in a high availabi...
Security update for xen
This update for xen fixes the following issues: CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...
Xenstored DoS via XS_RESET_WATCHES command
ISSUE DESCRIPTION Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define...