Denial of Service Vulnerability in Avahi Library Affects Red Hat
CVE-2023-1981

5.5MEDIUM

Key Information:

Vendor: Avahi
Status: Avahi
Vendor: CVE Published:; 26 May 2023

What is CVE-2023-1981?

A vulnerability in the avahi library permits an unprivileged user to execute a dbus call, resulting in the unintended crashing of the avahi daemon. This flaw can lead to service interruptions, affecting applications relying on Avahi for network service discovery. Users are advised to implement necessary mitigations and keep their libraries updated to avoid potential service disruptions.

Affected Version(s)

avahi avahi-0.7-20

References

https://access.redhat.com/security/cve/CVE-2023-1981

https://bugzilla.redhat.com/show_bug.cgi?id=2185911

https://github.com/lathiat/avahi/issues/375

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2023
Vulnerability Reserved
Apr 11, 2023

JSON