CVE-2017-6519

Priority
Description
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6
unicast queries with source addresses that are not on-link, which allows
remote attackers to cause a denial of service (traffic amplification) and
may cause information leakage by obtaining potentially sensitive
information from the responding device via port-5353 UDP packets. NOTE:
this may overlap CVE-2015-2809.
Mitigation
Block udp port 5353 at perimeter firewall
Notes
Package
Source: avahi (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (0.6.30-5ubuntu2.3)
Ubuntu 14.04 ESM (Trusty Tahr):released (0.6.31-4ubuntu1.3)
Ubuntu 16.04 LTS (Xenial Xerus):released (0.6.32~rc+dfsg-1ubuntu2.3)
Ubuntu 18.04 LTS (Bionic Beaver):released (0.7-3.1ubuntu1.2)
Patches:
Upstream:https://github.com/lathiat/avahi/commit/e111def44a7df4624a4aa3f85fe98054bffb6b4f
More Information

Updated: 2020-07-28 20:02:17 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)