Xen · Xen · CVE-2026-23555
**Name of the Vulnerable Software and Affected Versions**
Xen (affected versions not specified)
**Description**
A guest issuing a Xenstore command accessing a node using the path '/local/domain/' can cause xenstored to crash due to a corrupted error indicator during node path verification. The crash is triggered by a failing assert statement within xenstored. If xenstored is built with NDEBUG defined, an unprivileged guest attempting to access the '/local/domain/' path will no longer be serviced, while other guests, including dom0, will continue to be serviced, but xenstored will consume all available CPU time. The vulnerable path is `/local/domain/`.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.