SUSE SLES12: avahi / avahi-compat-howl-devel / avahi-compat-mDNSResponder-devel / etc (SUSE-SU-2026:0422-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0422-1 advisory. - CVE-2025-68276: avahi: reachable assertion in avahiwideareascancache can lead to crash of avahi- daemon bsc1256498. - CVE-2025-68468: avahi:...

MGASA-2026-0016 Updated avahi packages fix security vulnerabilities

Avahi has a reachable assertion in avahiwideareascancache. CVE-2025-68276 Avahi has a reachable assertion in lookupmulticastcallback. CVE-2025-68468 Avahi has a reachable assertion in lookupstart. CVE-2025-68471...

SUSE-SU-2026:0143-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2025-68276: avahi: reachable assertion in avahiwideareascancache can lead to crash of avahi-daemon bsc1256498. - CVE-2025-68468: avahi: reachable assertion in lookupmulticastcallback can lead to crash of avahi-daemon bsc1256499. -...

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion in the lookupstart process. An attacker can cause a crash of the daemon by sending two unsolicited announcements containing CNAME resource records two seconds apart. Remediation A fix was pushed into the master branc...

CVE-2025-68471 Avahi has a reachable assertion in lookup_start

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart...