CVE-2021-3468

CVE-2021-3468

Name

CVE-2021-3468

Description

A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://bugzilla.redhat.com/show_bug.cgi?id=1939614

Type

URI

MISC

https://bugzilla.redhat.com/show_bug.cgi?id=1939614

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:avahi:avahi::::::::`	avahi	>= 0.6	<= 0.8

CPE URI

Source package

Min version

Max version

cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*

avahi

>= 0.6

<= 0.8

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
avahi	edge-main	0.8-r23	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r22	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r21	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r20	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r19	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r18	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r17	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r16	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r15	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r14	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r13	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r12	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r11	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r10	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r9	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r8	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r6	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r5	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r4	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	edge-main	0.8-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.7-r2	None	possibly vulnerable
avahi	3.23-main	0.8-r23	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.22-main	0.8-r21	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.22-main	0.8-r20	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.22-main	0.8-r16	None	fixed
avahi	3.22-main	0.8-r15	None	fixed
avahi	3.22-main	0.8-r14	None	fixed
avahi	3.22-main	0.8-r5	None	fixed
avahi	3.22-main	0.8-r4	None	fixed
avahi	3.22-main	0.7-r2	None	possibly vulnerable
avahi	3.21-main	0.8-r19	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.21-main	0.8-r16	None	fixed
avahi	3.21-main	0.8-r15	None	fixed
avahi	3.21-main	0.8-r14	None	fixed
avahi	3.21-main	0.8-r5	None	fixed
avahi	3.21-main	0.8-r4	None	fixed
avahi	3.21-main	0.7-r2	None	possibly vulnerable
avahi	3.20-main	0.8-r17	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.20-main	0.8-r16	None	fixed
avahi	3.20-main	0.8-r15	None	fixed
avahi	3.20-main	0.8-r14	None	fixed
avahi	3.20-main	0.8-r5	None	fixed
avahi	3.20-main	0.8-r4	None	fixed
avahi	3.20-main	0.7-r2	None	possibly vulnerable
avahi	3.19-main	0.8-r16	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.19-main	0.8-r15	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.19-main	0.8-r14	None	fixed
avahi	3.19-main	0.8-r13	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.19-main	0.8-r5	None	fixed
avahi	3.19-main	0.8-r4	None	fixed
avahi	3.19-main	0.7-r2	None	possibly vulnerable
avahi	3.18-main	0.8-r13	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.18-main	0.8-r4	None	fixed
avahi	3.17-main	0.8-r6	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.17-main	0.8-r4	None	fixed
avahi	3.12-main	0.8-r4	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.12-main	0.8-r1	Natanael Copa <ncopa@alpinelinux.org>	fixed
avahi	3.12-main	0.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.11-main	0.8-r1	None	fixed
avahi	3.11-main	0.7-r5	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.11-main	0.7-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.10-main	0.7-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages