CVE-2026-23557

Published: May 19, 2026

Modified: May 19, 2026

PUBLISHED

Description

Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering. In case xenstored was built with NDEBUG #defined nothing bad will happen, as assert() is doing nothing in this case. Note that the default is not to define NDEBUG for xenstored builds even in release builds of Xen.

Vendor	Product	Versions
Xen	Xen	unknown `consult Xen advisory XSA-484`

References

https://xenbits.xenproject.org/xsa/advisory-484.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23557

Description

Affected Products

References