The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself.
Threat-Mapped Scoring
Score: 1.5
Priority: P4 - Informational (Low)
EPSS
Score: 0.03862Percentile:
0.87733
CVSS Scoring
CVSS v2 Score: 5.0
Severity:
Affected Products
cpe:2.3:a:avahi:avahi:0.6.7:*:*:*:*:*:*:*
cpe:2.3:a:avahi:avahi:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:avahi:avahi:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:avahi:avahi:0.6.10:*:*:*:*:*:*:*
cpe:2.3:a:avahi:avahi:0.6.11:*:*:*:*:*:*:*
cpe:2.3:a:avahi:avahi:0.6.12:*:*:*:*:*:*:*
cpe:2.3:a:avahi:avahi:0.6.13:*:*:*:*:*:*:*
cpe:2.3:a:avahi:avahi:0.6.14:*:*:*:*:*:*:*
cpe:2.3:a:avahi:avahi:0.6.15:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me