Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2021-3502

Published: 07/05/2021 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Avahi

Vulnerability Summary

A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local malicious user to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

avahi avahi 0.8-5

Vendor Advisories

Red Hat: Low: Logging Subsystem 5.8.1- Red Hat OpenShift security update
Synopsis Low: Logging Subsystem 581- Red Hat OpenShift security update Type/Severity Security Advisory: Low Topic An update is now available for RHOL-58-RHEL-9Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...
Debian CVElist Bug Report Logs: avahi: CVE-2021-3502: reachable assertion in avahi_s_host_name_resolver_start when trying to resolve badly-formatted hostnames
Debian Bug report logs - #986018 avahi: CVE-2021-3502: reachable assertion in avahi_s_host_name_resolver_start when trying to resolve badly-formatted hostnames Package: avahi-daemon; Maintainer for avahi-daemon is Utopia Maintenance Team <pkg-utopia-maintainers@listsaliothdebianorg>; Source for avahi-daemon is src:avahi (PTS, bui ...
Red Hat: CVE-2021-3502
A flaw was found in avahi A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames The highest threat from this vulnerability is to the service availability ...
Arch Linux Issues:
A security issue was found in avahi A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames ...

References

CWE-617https://github.com/lathiat/avahi/issues/338https://bugzilla.redhat.com/show_bug.cgi?id=1946914https://access.redhat.com/errata/RHSA-2023:7720https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2021-3502
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook