Main Vulnerability Database SB2025121947

SB2025121947 - Local denial of service in Avahi

Published: December 19, 2025

Security Bulletin ID SB2025121947

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2025-59529)

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to the application ignores the documented client limit and accepts unlimited connections. A local user can initiate multiple socket connections, exhaust daemon memory and file descriptors and perform a denial of service attack.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://github.com/avahi/avahi/security/advisories/GHSA-73wf-3xmj-x82q