EulerOS 2.0 SP10 : avahi (EulerOS-SA-2026-1301)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after...

EulerOS Virtualization 2.10.0 : avahi (EulerOS-SA-2026-1549)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them...

SUSE-SU-2026:20491-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2024-52615: Fixed possible DNS response injection via the use of fixed source ports for wide-area DNS queries bsc1233421...

EulerOS 2.0 SP12 : avahi (EulerOS-SA-2026-1081)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS...

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2025-2454)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS...

CLSA-2025-1755886204 avahi: Fix of CVE-2024-52615

CVE-2024-52615: fix issue with Avahi-daemon relying on fixed source ports for wide-area DNS queries to prevent attacks with injected malicious DNS responses...

TencentOS Server 4: avahi (TSSA-2025:0544)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0544 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

avahi: Avahi Wide-Area DNS Uses Constant Source Port

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected...

CVE-2024-52615

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected...

CVE-2024-52615 Avahi: avahi wide-area dns uses constant source port

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected...

SUSE CVE-2024-52615

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected...

Avahi 安全特征问题漏洞

Avahi is the Avahi open source set of local service discovery tools for Linux. A security vulnerability exists in Avahi that stems from a dependency on fixed source ports for wide-area DNS lookups, simplifying the injection of malicious DNS response attacks...

ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than...