Description
When oxenstored is tearing a domain down, the node data is cleaned up
but the usage counts are leaked.
When the domain ID is eventually reused, the new domain can create fewer
nodes before beeing deemed to be over quota.
but the usage counts are leaked.
When the domain ID is eventually reused, the new domain can create fewer
nodes before beeing deemed to be over quota.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://xenbits.xen.org/xsa/advisory-483.html |
|
History
Thu, 09 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota. | |
| Title | oxenstored keeps quota related use counts across domain destruction | |
| Weaknesses | CWE-281 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: XEN
Published:
Updated: 2026-07-09T15:37:46.026Z
Reserved: 2026-01-14T13:07:36.961Z
Link: CVE-2026-23556
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-281
Improper Preservation of Permissions