EulerOS Virtualization 2.12.0 : avahi (EulerOS-SA-2026-1473)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where...

CVE-2025-68276 vulnerabilities

Vulnerabilities for packages: avahi...

MiracleLinux 8 : avahi-0.7-21.el8_9.1 (AXSA:2024-7355:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7355:01 advisory. avahi: Local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket CVE-2021-3468 avahi: Reachable assertion in...

TencentOS Server 4: avahi (TSSA-2025:0017)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0017 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

NewStart CGSL MAIN 7.02 : avahi Multiple Vulnerabilities (NS-SA-2025-0174)

The remote NewStart CGSL host, running version MAIN 7.02, has avahi packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in Avahi. A reachable assertion exists in the avahialternativehostname function. CVE-2023-38473 - A flaw was found in avahi in versions...

TencentOS Server 4: avahi (TSSA-2025:0018)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0018 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 3: avahi (TSSA-2023:0322)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0322 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0035: avahi (ALINUX3-SA-2024:0035)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0035 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3468: A flaw was found in avahi i...

Amazon Linux 2 : avahi (ALAS-2024-2704)

The version of avahi installed on the remote host is prior to 0.6.31-20. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2704 advisory. avahi: Avahi Wide-Area DNS Uses Constant Source Port CVE-2024-52615 avahi: Avahi Wide-Area DNS Predictable Transaction IDs...

Medium: avahi

Issue Overview: avahi: Avahi Wide-Area DNS Uses Constant Source Port CVE-2024-52615 avahi: Avahi Wide-Area DNS Predictable Transaction IDs CVE-2024-52616 Affected Packages: avahi Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

Amazon Linux 2023 : avahi, avahi-autoipd, avahi-compat-howl (ALAS2023-2024-771)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-771 advisory. avahi: Avahi Wide-Area DNS Uses Constant Source Port CVE-2024-52615 avahi: Avahi Wide-Area DNS Predictable Transaction IDs CVE-2024-52616 Tenable has extracted the preceding description block...

[SECURITY] [DLA 3990-1] avahi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3990-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 09, 2024 https://wiki.debian.org/LTS -...

Debian dla-3990 : avahi-autoipd - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3990 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3990-1 [email protected]...

SUSE-SU-2024:1008-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2023-38471: Fixed reachable assertion in dbussethostname bsc1216594. - CVE-2023-38469: Fixed reachable assertions in avahi bsc1216598...

SUSE-SU-2023:4910-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2023-38473: Fixed a reachable assertion when parsing a host name bsc1216419. - CVE-2023-38470: Fixed that each label is at least one byte long bsc1215947...

SUSE-SU-2023:4503-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2023-38470: Ensure each label is at least one byte long bsc1215947. - CVE-2023-38473: Fixed a reachable assertion when parsing a host name bsc1216419...

USN-6487-1 avahi vulnerabilities

Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service. CVE-2023-38469, CVE-2023-38470, CVE-2023-38471,...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Avahi vulnerabilities (USN-6487-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6487-1 advisory. Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to...

SUSE-SU-2021:1845-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2021-3468: avoid infinite loop by handling HUP event in clientwork bsc1184521. - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh bsc1180827 - Update avahi-daemon-check-dns.sh from Debian. Our previous version relied o...

Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : avahi vulnerabilities (USN-992-1)

It was discovered that Avahi incorrectly handled certain mDNS query packets when the reflector feature is enabled, which is not the default configuration on Ubuntu. A remote attacker could send crafted mDNS queries and perform a denial of service on the server and on the network. This issue only...