CVE-2021-3468
5.5 MEDIUMA flaw was found in avahi in versions 0.6 up to 0.8
Published: 2021-06-02 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 5.5 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- CWE
- CWE-835
Affected products
| Vendor | Product |
|---|---|
| avahi | avahi, debian_linux |
| debian | avahi, debian_linux |
Description
A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-3468
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=1939614
- [Other]https://lists.debian.org/debian-lts-announce/2022/06/msg00009.html
- [Other]https://lists.debian.org/debian-lts-announce/2023/06/msg00028.html
- [Other]https://bugzilla.redhat.com/show_bug.cgi?id=1939614
- [Other]https://lists.debian.org/debian-lts-announce/2022/06/msg00009.html
- [Other]https://lists.debian.org/debian-lts-announce/2023/06/msg00028.html
Related CVEs
Same vendor
- CVE-2026-49975 — Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP ... (7.5 HIGH)
- CVE-2026-31431 — In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly r... (7.8 HIGH)
- CVE-2026-4775 — A flaw was found in the libtiff library (7.8 HIGH)
- CVE-2026-3497 — Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions (7.5 HIGH)
- CVE-2026-2219 — It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the dat... (7.5 HIGH)
Same CWE
- CVE-2026-48733 — ImageMagick is free and open-source software used for editing and manipulating digital images (4.7 MEDIUM)
- CVE-2026-46521 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
- CVE-2026-46522 — ImageMagick is free and open-source software used for editing and manipulating digital images (7.5 HIGH)
- CVE-2026-49495 — Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection ... (5.5 MEDIUM)
- CVE-2025-71330 — image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event l... (7.5 HIGH)