cvedb.io
CVE-2021-3468
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2021-06-02T16:15:08.960 · Last modified 2026-06-17T04:05:09.557

Summary

A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.

Affected products

avahi — avahi

Does this affect you?

Add your gear to cvedb and we'll alert you only when avahi ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.