CVE-2017-6519 — Insufficient Control of Network Message Volume (Network Amplification) in Avahi

CWE-406 — Insufficient Control of Network Message Volume (Network Amplification)CWE-346 — Origin Validation Error CWE-200 — Sensitive Information Exposure14 documents8 sources

Severity

9.1CRITICALNVD

OSV5.0

EPSS

1.1%

top 21.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Avahi Debian Avahi Canonical Ubuntu Linux +3 more

Timeline

PublishedMay 1

Latest updateMay 13

Description

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages7 packages

▶debiandebian/avahi< avahi 0.7-5 (bookworm)

▶Debianavahi/avahi< 0.7-5+3

▶Ubuntuavahi/avahi< 0.6.31-4ubuntu1.3+2

▶NVDavahi/avahi0.6.32+1

▶msrcmsrc/cbl2_avahi_0.8-1_on_cbl_mariner_2.0

Also affects: Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 18.10

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-6vpj-pr2c-5mm2: avahi-daemon in Avahi through 0↗2022-05-13

▶

OSV

avahi vulnerabilities↗2019-01-31

▶

OSV

CVE-2017-6519: avahi-daemon in Avahi through 0↗2017-05-01

▶

📋Vendor Advisories

Ubuntu

Avahi vulnerabilities↗2019-01-31

▶

Ubuntu

Avahi vulnerabilities↗2019-01-31

▶

Red Hat

avahi: DNS amplification and reflection to spoofed addresses↗2018-11-08

▶

Microsoft

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link which allows remote attackers to cause a denial of service (traff↗2017-05-09

▶

Debian

CVE-2017-6519: avahi - avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unic...↗2017

▶

💬Community

Bugzilla

CVE-2018-1000845 avahi: DNS amplification and reflection to spoofed addresses [fedora-all]↗2018-12-20

▶

Bugzilla

CVE-2018-1000845 avahi: DNS amplification and reflection to spoofed addresses↗2018-12-20

▶

Bugzilla

CVE-2017-6519 avahi: Multicast DNS responds to unicast queries outside of local network [fedora-all]↗2017-02-24

▶

Bugzilla

CVE-2017-6519 avahi: Multicast DNS responds to unicast queries outside of local network↗2017-02-24

▶