VDB

DEBIAN-CVE-2026-34933

DEBIAN-CVE-2026-34933 PUBLISHED CVSS 5.5 MEDIUM

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:12avahi0.8-11, 0.8-18, 0.8-17
Debian:11avahi0.8-9, 0.8-10, 0.8-11
Debian:13avahi0.8-18, 0.8-17, 0.8-16
Debian:14avahi0, 0.8-17, 0.8-16

Timeline

  • Apr 3, 2026 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›