{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34933", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-31T17:27:08.659Z", "datePublished": "2026-04-03T22:43:26.683Z", "dateUpdated": "2026-04-11T18:09:34.774Z"}, "containers": {"cna": {"title": "Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon", "problemTypes": [{"descriptions": [{"cweId": "CWE-617", "lang": "en", "description": "CWE-617: Reachable Assertion", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"}, {"name": "https://github.com/avahi/avahi/pull/891", "tags": ["x_refsource_MISC"], "url": "https://github.com/avahi/avahi/pull/891"}, {"name": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c", "tags": ["x_refsource_MISC"], "url": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c"}], "affected": [{"vendor": "avahi", "product": "avahi", "versions": [{"version": "< 0.9-rc4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-03T22:43:26.683Z"}, "descriptions": [{"lang": "en", "value": "Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4."}], "source": {"advisory": "GHSA-w65r-6gxh-vhvc", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T16:09:17.006482Z", "id": "CVE-2026-34933", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T16:09:21.475Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/04/11/9"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-11T18:09:34.774Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/04/11/9"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-11T18:09:34.774Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34933", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T16:09:17.006482Z"}}}], "references": [{"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T16:09:12.363Z"}}], "cna": {"title": "Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon", "source": {"advisory": "GHSA-w65r-6gxh-vhvc", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "avahi", "product": "avahi", "versions": [{"status": "affected", "version": "< 0.9-rc4"}]}], "references": [{"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc", "name": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/avahi/avahi/pull/891", "name": "https://github.com/avahi/avahi/pull/891", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c", "name": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-617", "description": "CWE-617: Reachable Assertion"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-03T22:43:26.683Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34933", "state": "PUBLISHED", "dateUpdated": "2026-04-11T18:09:34.774Z", "dateReserved": "2026-03-31T17:27:08.659Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-03T22:43:26.683Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*", "matchCriteriaId": "6481267F-934F-4A0C-9B25-59738E798458", "versionEndExcluding": "0.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.9:rc1:*:*:*:*:*:*", "matchCriteriaId": "76971590-AEED-4CB1-B7B7-45EA8FD11524", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.9:rc2:*:*:*:*:*:*", "matchCriteriaId": "83D94AE4-46AC-4955-BB0D-193CF79149A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:avahi:avahi:0.9:rc3:*:*:*:*:*:*", "matchCriteriaId": "42B0E12E-E0CC-47B5-B7D3-9FF12156B68E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4."}], "id": "CVE-2026-34933", "lastModified": "2026-04-13T17:26:03.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-03T23:17:05.377", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/avahi/avahi/pull/891"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2026/04/11/9"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-617"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"bugzilla": {"description": "avahi: avahi-daemon: Avahi: Denial of Service via D-Bus method call", "id": "2454978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454978"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-1288", "details": ["Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.", "A flaw was found in Avahi. An unprivileged local user can exploit this vulnerability by sending a D-Bus method call with conflicting publish flags. This can lead to a denial of service (DoS) by crashing the avahi-daemon, making the service unavailable."], "name": "CVE-2026-34933", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "avahi", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "avahi", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "avahi", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "avahi", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "avahi", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:hummingbird:1", "fix_state": "Fix deferred", "package_name": "avahi", "product_name": "Red Hat Hardened Images 1"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2026-04-03T22:43:26Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-34933\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-34933\nhttps://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c\nhttps://github.com/avahi/avahi/pull/891\nhttps://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,0.9-rc4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "avahi", "source": "cna", "vendor": "avahi"}, "product": "avahi", "vendor": "avahi"}], "analysis": {"en": {"generated_at": "2026-04-13T18:49:10.017559+00:00", "value": {"mitigation_remediation": ["Update Avahi to version 0.9\u2011rc4 or later."], "summary": {"action": "Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Avahi project, specifically any occurrence of the Avahi library or daemon before the 0.9\u2011rc4 release. Known affected builds include the 0.9\u2011rc1, 0.9\u2011rc2, and 0.9\u2011rc3 releases. Systems running earlier versions or these release candidates are at risk unless patched.", "description_and_impact": "Avahi, a local service discovery daemon using mDNS/DNS\u2011SD, contains a reachable assertion bug in the function `transport_flags_from_domain()`. When an unprivileged local user sends a D\u2011Bus method call with conflicting publish flags, the assertion fails and the daemon crashes. The failure is a pure denial of service that does not provide confidentiality or integrity compromise, but it can interrupt automated service discovery and related applications. The weakness corresponds to CWE\u20111288 (Asserted Condition is Not Checked) and CWE\u2011617 (Reachable Assertion).", "risk_and_exploitability": "The CVSS v3.1 score of 5.5 indicates a moderate severity. The EPSS score is less than 1%, suggesting a low probability of exploitation under normal circumstances. The issue is not listed in the CISA Known Exploited Vulnerabilities catalog. The attack vector requires local privilege; the user must be able to interact with the avahi\u2011daemon's D\u2011Bus interface. Exploitation does not depend on network connectivity and can be performed by any local process without elevated rights, making it relatively easy for local attackers or compromised software. While the impact is limited to service disruption, the low external attack surface reduces immediate risks, yet patching remains advisable."}}}}, "created": "2026-04-06T21:22:01.265283+00:00", "updated": "2026-04-14T16:41:19.266859+00:00", "vendors": ["avahi", "avahi$PRODUCT$avahi"]}