Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local users can crash avahi-daemon (with wide-area disabled) by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can be done by either calling the RecordBrowserNew method directly or creating hostname/address/service resolvers/browsers that create those browsers internally themselves.
0.8-100.8-110.8-120.8-130.8-140.8-150.8-160.8-170.8-50.8-5+deb11u1+6 more0.8-100.8-10+deb12u10.8-110.8-120.8-130.8-140.8-150.8-160.8-170.8-160.8-170.8-160.8-17Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:NI:NA:HCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H