CVE-2009-0758 — Avahi vulnerability

CWE-3997 documents7 sources

Severity

7.8HIGHNVD

EPSS

1.1%

top 21.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Avahi Debian Avahi Avahi Avahi-daemon

Timeline

PublishedMar 3

Latest updateMay 2

Description

The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

▶NVDavahi/avahi-daemon0.6.23

▶debiandebian/avahi< avahi 0.6.24-3 (bookworm)

▶Debianavahi/avahi< 0.6.24-3+3

🔴Vulnerability Details

GHSA

GHSA-g7f8-4qm9-qgg5: The originates_from_local_legacy_unicast_socket function in avahi-core/server↗2022-05-02

▶

OSV

CVE-2009-0758: The originates_from_local_legacy_unicast_socket function in avahi-core/server↗2009-03-03

▶

📋Vendor Advisories

Ubuntu

Avahi vulnerabilities↗2010-09-29

▶

Red Hat

avahi: remote DoS via legacy unicast mDNS queries↗2009-03-01

▶

Debian

CVE-2009-0758: avahi - The originates_from_local_legacy_unicast_socket function in avahi-core/server.c ...↗2009

▶

💬Community

Bugzilla

CVE-2009-0758 avahi: remote DoS via legacy unicast mDNS queries↗2009-03-03

▶