USN-5008-1: Avahi vulnerabilities
Thomas Kremer discovered that Avahi incorrectly handled termination signals
on the Unix socket. A local attacker could possibly use this issue to cause
Avahi to hang, resulting in a denial of service. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3468)
It was discovered that Avahi incorrectly handled certain hotnames. A local
attacker could possibly use this issue to cause Avahi to crash, resulting
in a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu
21.04. (CVE-2021-3502)
Source: USN-5008-1: Avahi vulnerabilities
Leave a Reply