Bug#984938: avahi-daemon: local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket

Hi, On Sat, Mar 27, 2021 at 08:29:36PM +0100, Salvatore Bonaccorso wrote: > Control: forwarded -1 https://github.com/lathiat/avahi/pull/330 > Control: retitle -1 avahi: CVE-2021-3468: local DoS by event-busy-loop from > writing long lines to /run/avahi-daemon/socket > > On Fri, Mar 26, 2021 at

Bug#984938: avahi-daemon: local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket

Control: forwarded -1 https://github.com/lathiat/avahi/pull/330 Control: retitle -1 avahi: CVE-2021-3468: local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket On Fri, Mar 26, 2021 at 12:22:29PM +0100, Riccardo Schirone wrote: > I have requested a CVE through Red Hat.

Bug#984938: avahi-daemon: local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket

I have requested a CVE through Red Hat. I'm proposing a patch upstream[1]. Additional details about the flaw at [2]. [1] https://github.com/lathiat/avahi/pull/330 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1939614#c3 Thanks, -- Riccardo Schirone Red Hat -- Product Security Email:

Bug#984938: avahi-daemon: local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket

Package: avahi-daemon Version: 0.7-4+b1 Severity: important Tags: security Dear Maintainers, I found a local denial-of-service vulnerability in avahi-daemon. It can be triggered by writing long lines to /run/avahi-daemon/socket and results in an unresponsive busy-loop of the daemon. Steps to