CVE-2009-0758

Name: CVE-2009-0758
Creator: NVD / NIST
Published: 2009-03-03T16:30:05.313+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.01%

Last modified Jun 16, 2026

CVE-2009-0758 is a vulnerability of currently unknown severity. The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.. EPSS estimates a 2.01% chance of exploitation in the next 30 days.

Description

The originates_from_local_legacy_unicast_socket function in avahi-core/server.c in avahi-daemon 0.6.23 does not account for the network byte order of a port number when processing incoming multicast packets, which allows remote attackers to cause a denial of service (network bandwidth and CPU consumption) via a crafted legacy unicast mDNS query packet that triggers a multicast packet storm.

Metrics

EPSS Probability

2.01%

78.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-399

Affected Software

Vendor	Product	Versions
Avahi	Avahi-Daemon	0.6.23

References

Timeline

Published: Mar 3, 2009
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2009-0758?

How severe is CVE-2009-0758?

Severity scoring for CVE-2009-0758 is pending analysis. The EPSS model estimates a 2.01% probability of exploitation in the next 30 days.

How do I fix CVE-2009-0758?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-0758?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST