Vulnerability in Xen Oxenstored
CVE-2026-23556
When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota.
Affected products
- Xen Oxenstored — versions all