{"id":"ALSA-2023:6707","summary":"Moderate: avahi security update","details":"Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers.\n\nSecurity Fix(es):\n\n* avahi: Local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket (CVE-2021-3468)\n* avahi: reachable assertion in avahi_s_host_name_resolver_start when trying to resolve badly-formatted hostnames (CVE-2021-3502)\n* avahi: avahi-daemon can be crashed via DBus (CVE-2023-1981)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-01-30T02:37:23.878260Z","published":"2023-11-07T00:00:00Z","related":["CVE-2021-3468","CVE-2021-3502","CVE-2023-1981"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:6707"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-3468"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-3502"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-1981"},{"type":"REPORT","url":"https://bugzilla.redhat.com/1939614"},{"type":"REPORT","url":"https://bugzilla.redhat.com/1946914"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2185911"},{"type":"ADVISORY","url":"https://errata.almalinux.org/9/ALSA-2023-6707.html"}],"affected":[{"package":{"name":"avahi","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-compat-howl","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-compat-howl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-compat-howl-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-compat-howl-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-compat-libdns_sd","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-compat-libdns_sd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-compat-libdns_sd-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-compat-libdns_sd-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-glib","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-glib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-glib-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-glib-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-libs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}},{"package":{"name":"avahi-tools","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/avahi-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8-15.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6707.json"}}],"schema_version":"1.7.3"}