Description
When oxenstored is tearing a domain down, the node data is cleaned up
but the usage counts are leaked.
When the domain ID is eventually reused, the new domain can create fewer
nodes before beeing deemed to be over quota.
but the usage counts are leaked.
When the domain ID is eventually reused, the new domain can create fewer
nodes before beeing deemed to be over quota.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://xenbits.xen.org/xsa/advisory-483.html |
|
History
Thu, 09 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota. | |
| Title | oxenstored keeps quota related use counts across domain destruction | |
| Weaknesses | CWE-281 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: XEN
Published:
Updated: 2026-07-09T15:37:46.026Z
Reserved: 2026-01-14T13:07:36.961Z
Link: CVE-2026-23556
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses