#14866: Fix CVE-2021-3468 in Avahi
-------------------------+-----------------------
Reporter: renodr | Owner: blfs-book
Type: enhancement | Status: new
Priority: elevated | Milestone: 10.2
Component: BOOK | Version: SVN
Severity: normal | Keywords:
-------------------------+-----------------------
Arch has the following vulnerability noted in Avahi:
{{{
A security issue was found in avahi. The event used to signal the
termination of the client connection on the avahi Unix socket is not
correctly handled in the client_work function. Denial of service can be
triggered by writing long lines to /run/avahi-daemon/socket resulting in
an unresponsive busy-loop of the daemon.
}}}
Unfortunately, this can be exploited via network-based printers.
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14866>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
