Advisory ROSA-SA-2023-2243

Software: avahi 0.7 OS: ROSA Virtualization 2.1 packageevrstring: avahi-0.7-19.0.1.rv3 CVE-ID: CVE-2021-3468 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A bug was discovered in avahi in versions 0.6 through 0.8. The event used to signal the termination of a client connection in the avahi Unix socket...

Avahi 0.7 Denial Of Service Vulnerability

Avahi-daemon in Avahi version through 0.7 inadvertently sends Legacy Unicast Responses to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service traffic amplification or obtain potentially sensitive information via port-5353...