CVE-2026-23555

{"id": "CVE-2026-23555", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.5}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.5}]}, "published": "2026-03-23T07:16:07.330", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-481.html", "tags": ["Patch", "Vendor Advisory"], "source": "security@xen.org"}, {"url": "http://www.openwall.com/lists/oss-security/2026/03/17/7", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://xenbits.xen.org/xsa/advisory-481.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-617"}]}], "descriptions": [{"lang": "en", "value": "Any guest issuing a Xenstore command accessing a node using the\n(illegal) node path \"/local/domain/\", will crash xenstored due to a\nclobbered error indicator in xenstored when verifying the node path.\n\nNote that the crash is forced via a failing assert() statement in\nxenstored. In case xenstored is being built with NDEBUG #defined,\nan unprivileged guest trying to access the node path \"/local/domain/\"\nwill result in it no longer being serviced by xenstored, other guests\n(including dom0) will still be serviced, but xenstored will use up\nall cpu time it can get."}, {"lang": "es", "value": "Cualquier invitado que emita un comando de Xenstore accediendo a un nodo utilizando la ruta de nodo (ilegal) '/local/domain/', provocar\u00e1 la ca\u00edda de xenstored debido a un indicador de error sobrescrito en xenstored al verificar la ruta del nodo.\n\nTenga en cuenta que la ca\u00edda es forzada mediante una instrucci\u00f3n assert() fallida en xenstored. En caso de que xenstored se compile con NDEBUG #definido, un invitado sin privilegios que intente acceder a la ruta del nodo '/local/domain/' resultar\u00e1 en que ya no sea atendido por xenstored, otros invitados (incluido dom0) seguir\u00e1n siendo atendidos, pero xenstored consumir\u00e1 todo el tiempo de CPU que pueda obtener."}], "lastModified": "2026-04-10T20:38:17.427", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "242BBD5A-0BAE-4F89-8597-7D286D6C9E25", "versionStartIncluding": "4.18.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@xen.org"}