Lucene search

K

GoogleOSV:USN-6129-2

HistoryJul 25, 2023 - 1:18 p.m.

avahi vulnerability

2023-07-2513:18:51

Google

osv.dev

9

avahi

ubuntu

vulnerability

usn-6129-1

denial of service

dbus messages

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

USN-6129-1 fixed a vulnerability in Avahi. This update provides the
corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04
LTS.

Original advisory details:

It was discovered that Avahi incorrectly handled certain DBus messages. A
local attacker could possibly use this issue to cause Avahi to crash,
resulting in a denial of service.

References

ubuntu.com/security/CVE-2023-1981

ubuntu.com/security/notices/USN-6129-2

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

Related for OSV:USN-6129-2

alpinelinux1 nessus31 openvas18 oraclelinux2 nvd1 fedora1 redhatcve1 mageia1 redos1 rocky1 osv6 debian1 cvelist1 cve1 almalinux2 ubuntu2 veracode1 prion1 amazon1 ubuntucve1 debiancve1 redhat9 ibm2 hp1