VDB
DEBIAN-CVE-2026-34933
DEBIAN-CVE-2026-34933
PUBLISHED
CVSS 5.5 MEDIUM
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | avahi | 0.8-11, 0.8-18, 0.8-17 |
| Debian:11 | avahi | 0.8-9, 0.8-10, 0.8-11 |
| Debian:13 | avahi | 0.8-18, 0.8-17, 0.8-16 |
| Debian:14 | avahi | 0, 0.8-17, 0.8-16 |
Timeline
- Apr 3, 2026 CVE Published
- Apr 28, 2026 CVE Updated