CVE-2023-38472

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 2, 2023
Updated: Nov 9, 2023
CWE ID 617

Summary

CVE-2023-38472 is a newly identified vulnerability affecting the Avahi software. This issue arises from a reachable assertion in the avahi_rdata_parse() function, which could potentially be exploited by malicious actors. The assertion failure could lead to unexpected behavior or even crashes, creating opportunities for cyberattacks. Successful exploitation may allow attackers to gain unauthorized access to affected systems or disrupt their normal operation. Users are advised to update their Avahi software as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Avahi
  • Red Hat Enterprise Linux

Affected Vendors

  • Red Hat
  • Avahi