Medium severity5.5NVD Advisory· Published May 7, 2021· Updated Jun 17, 2026
CVE-2021-3502
CVE-2021-3502
Description
A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13- osv-coords11 versionspkg:rpm/almalinux/avahipkg:rpm/almalinux/avahi-compat-howlpkg:rpm/almalinux/avahi-compat-howl-develpkg:rpm/almalinux/avahi-compat-libdns_sdpkg:rpm/almalinux/avahi-compat-libdns_sd-develpkg:rpm/almalinux/avahi-develpkg:rpm/almalinux/avahi-glibpkg:rpm/almalinux/avahi-glib-develpkg:rpm/almalinux/avahi-libspkg:rpm/almalinux/avahi-toolspkg:rpm/opensuse/avahi&distro=openSUSE%20Tumbleweed
< 0.8-15.el9+ 10 more
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-15.el9
- (no CPE)range: < 0.8-7.2
Patches
Vulnerability mechanics
References
2- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingPatchThird Party Advisory
- github.com/lathiat/avahi/issues/338nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.