CVE-2021-3502

A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.

CVSS v3 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1946914	Exploit Issue Tracking Patch Third Party Advisory
https://github.com/lathiat/avahi/issues/338	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:avahi:avahi:0.8-5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-05-07 12:15

Updated : 2024-02-04 21:47

NVD link : CVE-2021-3502

Mitre link : CVE-2021-3502

CVE.ORG link : CVE-2021-3502

JSON object : View

Products Affected

avahi

avahi

CWE

CWE-617

Reachable Assertion

{"id": "CVE-2021-3502", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2021-05-07T12:15:07.267", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946914", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/lathiat/avahi/issues/338", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-617"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en avahi versi\u00f3n 0.8-5. Una aserci\u00f3n alcanzable est\u00e1 presente en la funci\u00f3n avahi_s_host_name_resolver_start que permite a un atacante local bloquear el servicio avahi requiriendo resoluciones de nombre de host a trav\u00e9s del socket avahi o m\u00e9todos dbus para nombres de host no v\u00e1lidos. La mayor amenaza de esta vulnerabilidad es la disponibilidad del servicio"}], "lastModified": "2023-11-07T03:38:03.217", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:avahi:avahi:0.8-5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EAEC835-CEC0-4E0E-8D58-0455FC7EA42B"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}