First published: Tue Jul 25 2023(Updated: )
USN-6129-1 fixed a vulnerability in Avahi. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Avahi incorrectly handled certain DBus messages. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/avahi-daemon | <0.7-3.1ubuntu1.3+esm1 | 0.7-3.1ubuntu1.3+esm1 |
=18.04 | ||
All of | ||
ubuntu/avahi-daemon | <0.6.32~rc+dfsg-1ubuntu2.3+esm2 | 0.6.32~rc+dfsg-1ubuntu2.3+esm2 |
=16.04 | ||
All of | ||
ubuntu/avahi-daemon | <0.6.31-4ubuntu1.3+esm2 | 0.6.31-4ubuntu1.3+esm2 |
=14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this Avahi vulnerability is USN-6129-2.
The versions of Ubuntu affected by this Avahi vulnerability are 14.04 LTS, 16.04 LTS, and 18.04 LTS.
The severity of the Avahi vulnerability identified in USN-6129-1 is not specified.
To fix the Avahi vulnerability in Ubuntu 14.04 LTS, update the avahi-daemon package to version 0.6.31-4ubuntu1.3+esm2 or later.
You can find more information about the Avahi vulnerability at the following references: [CVE-2023-1981](https://ubuntu.com/security/CVE-2023-1981), [USN-6129-1](https://ubuntu.com/security/notices/USN-6129-1), [USN-6129-2](https://ubuntu.com/security/notices/USN-6129-2).