CVE-2023-34323

Published: Jan 5, 2024

Modified: Nov 4, 2025

PUBLISHED

Description

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming that the quota cannot be negative and are using assert() to confirm it. This will lead to C Xenstored crash when tools are built without -DNDEBUG (this is the default).

Vendor	Product	Versions
Xen	Xen	unknown `consult Xen advisory XSA-440`

References

https://xenbits.xenproject.org/xsa/advisory-440.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-34323

Description

Affected Products

References