PT-2021-21182 · Avahi · Avahi
Published
2021-07-07
·
Updated
2021-08-19
·
CVE-2021-36217
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Avahi version 0.8
Description
The issue allows a local denial of service, resulting in a NULL pointer dereference and daemon crash against avahi-daemon. This can be achieved via the D-Bus interface or by executing a
ping .local command.Recommendations
For Avahi version 0.8, consider restricting access to the D-Bus interface and avoid using the
ping .local command until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability. Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Avahi