Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes from the previous domain(s) with the same domid. All Xenstore entries of a guest below /local/domain/<domid> are deleted by Xen tools when a guest is destroyed. Therefore only entries belonging to other guests, referring to the deleted guests, are potentially affected.
Created xen tracking bugs for this issue:
Affects: fedora-all [bug 1908095]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.