4 matches found
SUSE-SU-2026:21127-1 Security update for avahi
This update for avahi fixes the following issues: - CVE-2026-24401: Fix unsolicited mDNS response containing a recursive CNAME record. bsc1257235...
SUSE-SU-2026:1191-1 Security update for avahi
This update for avahi fixes the following issue: - CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record bsc1257235...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the lookuphandlecname function when processing an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonical name are identical. An attacker can cause a crash and exhaust the...
CVE-2025-68468 Avahi has a reachable assertion in lookup_multicast_callback
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they...