Vulnerability CVE-2021-3502

Vulnerability Name:

CVE-2021-3502 (CCN-201500)

Assigned:

2021-04-27

Published:

2021-04-27

Updated:

2021-05-17

Summary:

A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-476
CWE-617

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2021-3502

Source: MISC
Type: Exploit, Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1946914

Source: XF
Type: UNKNOWN
avahi-cve20213502-dos(201500)

Source: CCN
Type: avahi GIT Repository
reachable assertion in avahi_s_host_name_resolver_start when trying to resolve badly-formatted hostnames (CVE-2021-3502) #338

Source: MISC
Type: Exploit, Third Party Advisory
https://github.com/lathiat/avahi/issues/338

Vulnerable Configuration:

Configuration 1:

cpe:/a:avahi:avahi:0.8-5:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7873	P	avahi-autoipd-0.8-150400.7.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7444	P	avahi-0.8-150400.7.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3257	P	libspice-client-glib-2_0-8-0.33-3.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94502	P	avahi-0.8-150400.5.73 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94887	P	avahi-autoipd-0.8-150400.5.73 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2872	P	avahi-0.8-150400.5.73 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:111993	P	avahi-0.8-7.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105554	P	avahi-0.8-7.2 on GA media (Moderate)	2021-10-01

BACK