Gentoo FoundationMGASA-2024-0016Updated avahi packages fix security vulnerabilities
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.2%
The updated packages fix security vulnerabilities: A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. (CVE-2023-38469) A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. (CVE-2023-38470) A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. (CVE-2023-38471) A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. (CVE-2023-38472) A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. (CVE-2023-38473)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 9 | noarch | avahi | < 0.8-10.1 | avahi-0.8-10.1.mga9 |
References
Related
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.2%