CVE-2026-23556 PUBLISHED

oxenstored keeps quota related use counts across domain destruction

Assigner: XEN
Reserved: 14.01.2026 Published: 09.07.2026 Updated: 09.07.2026

When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked.

When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
CVSS Score: 9.4

Product Status

Vendor Xen
Product oxenstored
Versions Default: unaffected
  • Version all is affected

Credits

  • This issue was discovered by Andrii Sultanov of Vates. finder

References

Problem Types

  • CWE-281 Improper preservation of permissions CWE

Impacts

  • CAPEC-548 Contaminate Resource