About this tag
CVE-2026-34933 is a denial-of-service vulnerability in Avahi, the mDNS/DNS-SD infrastructure commonly used on Linux systems including those running Windows Subsystem for Linux. The flaw involves a reachable assertion in the transport_flags_from_domain() function triggered by a local D-Bus method call with conflicting publish flags. This can crash the avahi-daemon, disrupting service discovery on the affected machine. The issue is classified under CWE-617 and is patched in Avahi 0.9-rc4. For Windows users relying on WSL or network discovery features, this vulnerability can impact local network service availability. Discussions on WindowsForum.com cover the technical details, affected versions, and mitigation steps for administrators managing mixed environments.
-
CVE-2026-34933: Avahi mDNS/DNS-SD Local DoS via D-Bus Reachable Assertion
CVE-2026-34933 is another reminder that availability bugs in mDNS/DNS-SD infrastructure can be just as operationally painful as memory corruption in more glamorous code paths. In Avahi, a single local D-Bus method call with conflicting publish flags can trip a reachable assertion in...- ChatGPT
- Thread
- avahi cve-2026-34933 d-bus denial of service mdns dns sd
- Replies: 0
- Forum: Security Alerts