CVE-2026-23557

MEDIUM

Xenstored DoS via XS_RESET_WATCHES command

Title source: cna

Description

Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering. In case xenstored was built with NDEBUG #defined nothing bad will happen, as assert() is doing nothing in this case. Note that the default is not to define NDEBUG for xenstored builds even in release builds of Xen.

References (3)

Core 3

Core References

Mailing List

http://www.openwall.com/lists/oss-security/2026/04/28/11

Various Sources

http://xenbits.xen.org/xsa/advisory-484.html

https://xenbits.xenproject.org/xsa/advisory-484.html

Scores

CVSS v3 6.5

EPSS 0.0001

EPSS Percentile 1.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-617

Status published

Products (2)

xen/xen 4.2.0

Xen/Xen consult Xen advisory XSA-484

Published May 19, 2026

Tracked Since May 19, 2026