| |
Vulnerability CVE-2023-34323
Published: 2024-01-05
| Description: |
When a transaction is committed, C Xenstored will first check
the quota is correct before attempting to commit any nodes. It would
be possible that accounting is temporarily negative if a node has
been removed outside of the transaction.
Unfortunately, some versions of C Xenstored are assuming that the
quota cannot be negative and are using assert() to confirm it. This
will lead to C Xenstored crash when tools are built without -DNDEBUG
(this is the default).
|
References: |
https://xenbits.xenproject.org/xsa/advisory-440.html
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
