Yes. You've missed a point. If avahi-browse completely fails because of one invalid answer, this could allow what we call DoS, Denial of Service (Attack).
All those cryptographic verification, bells, whistles can protect you from communicating with the wrong one, but none of them can help you if you don't find the right peer because you don't get an answer to a dns query. You cannot verify a communication peer, if you can't communicate with the peer because you don't know its IP address. This is not about forgery, spoofing, where cryptography would help. This is about turning off avahi-browse's functionality by sending some answer avahi-browse considers as invalid, for whatever reason. Although applications would rather not use the command line tool avahi- browse as a binary, maybe in shell-scripts, they could use libavahi- client, in order to find services on the local network. Lots of services and devices in the LAN are nowadays found that way, e.g. Printers, TVs, sound devices. Lots of other stuff. And libavahi-client most probably shows the same effect. And if you can't find the service providers, because avahi completely refuses to work because of an invalid packet, this is a denial of service, and btw., it is poor software, because software should be robust against malformed packages of any kind. And this is not easy to solve, because avahi does not give any hint about what service type is considered as invalid or from which IP address it came from. So it is a security issue. Although security is not the primary problem, because this doesn't need an attacker to fail and it does fail in complete absence of an attacker. But it could be abused in certain cases to sabotage programs mking use of mdns service discovery. regards -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to avahi in Ubuntu. https://bugs.launchpad.net/bugs/2002891 Title: avahi_service_browser_new() failed: Invalid service type Status in avahi package in Ubuntu: New Bug description: Hi, on a network, where the router offers DHCP, but does not put the DHCP clients in a DNS domain, thus where it is necessary to use mdns/avahi instead, I ran into several problems with avahi. One is avahi-browse -a -t avahi_service_browser_new() failed: Invalid service type No other output. i.e. it just does not work. In this network, all Ubuntu machines show this behaviour. In my other network (with working DHCP-DNS, different router, different brand, therefore not depending on mdns) the problem does not occur Since the debugging output of avahi software is – if at all – very poor, I cannot see what causes this problem. However, dbus-monitor --system showed ... method call time=1673742811.321042 sender=:1.692 -> destination=org.freedesktop.Avahi serial=10 path=/; interface=org.freedesktop.Avahi.Server; member=ServiceBrowserNew int32 -1 int32 -1 string "_ipp._tcp" string "local" uint32 0 method return time=1673742811.321093 sender=:1.479 -> destination=:1.692 serial=557 reply_serial=10 object path "/Client29/ServiceBrowser3" method call time=1673742811.321259 sender=:1.692 -> destination=org.freedesktop.Avahi serial=11 path=/; interface=org.freedesktop.Avahi.Server; member=ServiceBrowserNew int32 -1 int32 -1 string "_scanner._tcp" string "local" uint32 0 method return time=1673742811.321301 sender=:1.479 -> destination=:1.692 serial=558 reply_serial=11 object path "/Client29/ServiceBrowser4" method call time=1673742811.321391 sender=:1.692 -> destination=org.freedesktop.Avahi serial=12 path=/; interface=org.freedesktop.Avahi.Server; member=ServiceBrowserNew int32 -1 int32 -1 string "" string "" uint32 0 error time=1673742811.321479 sender=:1.479 -> destination=:1.692 error_name=org.freedesktop.Avahi.InvalidServiceTypeError reply_serial=12 string "Invalid service type" So it seems as if the client (browser) queries one services after the other, which works, but then an empty string as a name, which is rejected by the daemon, which then makes the client to spit out this error message and then terminate immediately. Since I have similar (i.e. very similar, both created with puppet) machines, and all machines in one network fail, while similar machines in another don't, I guess that the problem is caused by some network reply, maybe a printer. This, however, could be a security problem, because if someone can cause avahi and thus mdns resolution to fail in networks like this here, where the router and dhcp server does not offer the host names in a DNS domain (Huawei glass fiber router), a malformed packet could cause the mdns resolution of avahi to fail and therefore could be used for an attack, effectively blocking certain kinds of mdns service resolution. But since I have not yet understood what really causes this problem, it is just an assumption. regards ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: avahi-utils 0.8-5ubuntu5 ProcVersionSignature: Ubuntu 5.15.0-58.64-generic 5.15.74 Uname: Linux 5.15.0-58-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu82.3 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Sun Jan 15 02:35:24 2023 InstallationDate: Installed on 2022-12-25 (20 days ago) InstallationMedia: Xubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 (20220809.1) SourcePackage: avahi UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/2002891/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
