CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
9.0%
Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers.
Security Fix(es):
avahi: Local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket (CVE-2021-3468)
avahi: Reachable assertion in avahi_dns_packet_append_record (CVE-2023-38469)
avahi: Reachable assertion in avahi_escape_label (CVE-2023-38470)
avahi: Reachable assertion in dbus_set_host_name (CVE-2023-38471)
avahi: Reachable assertion in avahi_rdata_parse (CVE-2023-38472)
avahi: Reachable assertion in avahi_alternative_host_name (CVE-2023-38473)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | ppc64le | avahi-gobject-devel | < 0.7-20.el8_6.3 | avahi-gobject-devel-0.7-20.el8_6.3.ppc64le.rpm |
RedHat | 8 | s390x | avahi-compat-howl-debuginfo | < 0.7-20.el8_6.3 | avahi-compat-howl-debuginfo-0.7-20.el8_6.3.s390x.rpm |
RedHat | 8 | aarch64 | avahi-autoipd | < 0.7-20.el8_6.3 | avahi-autoipd-0.7-20.el8_6.3.aarch64.rpm |
RedHat | 8 | aarch64 | avahi-ui | < 0.7-20.el8_6.3 | avahi-ui-0.7-20.el8_6.3.aarch64.rpm |
RedHat | 8 | i686 | avahi-devel | < 0.7-20.el8_6.3 | avahi-devel-0.7-20.el8_6.3.i686.rpm |
RedHat | 8 | aarch64 | avahi-gobject-devel | < 0.7-20.el8_6.3 | avahi-gobject-devel-0.7-20.el8_6.3.aarch64.rpm |
RedHat | 8 | s390x | avahi-libs | < 0.7-20.el8_6.3 | avahi-libs-0.7-20.el8_6.3.s390x.rpm |
RedHat | 8 | i686 | avahi-ui-gtk3-debuginfo | < 0.7-20.el8_6.3 | avahi-ui-gtk3-debuginfo-0.7-20.el8_6.3.i686.rpm |
RedHat | 8 | s390x | avahi-compat-libdns_sd-devel | < 0.7-20.el8_6.3 | avahi-compat-libdns_sd-devel-0.7-20.el8_6.3.s390x.rpm |
RedHat | 8 | aarch64 | avahi-compat-libdns_sd-debuginfo | < 0.7-20.el8_6.3 | avahi-compat-libdns_sd-debuginfo-0.7-20.el8_6.3.aarch64.rpm |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
9.0%