cve-2026-34933

CVE-2026-34933 is a denial-of-service vulnerability in Avahi, the mDNS/DNS-SD infrastructure commonly used on Linux systems including those running Windows Subsystem for Linux. The flaw involves a reachable assertion in the transport_flags_from_domain() function triggered by a local D-Bus method call with conflicting publish flags. This can crash the avahi-daemon, disrupting service discovery on the affected machine. The issue is classified under CWE-617 and is patched in Avahi 0.9-rc4. For Windows users relying on WSL or network discovery features, this vulnerability can impact local network service availability. Discussions on WindowsForum.com cover the technical details, affected versions, and mitigation steps for administrators managing mixed environments.