Описание
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| avahi | fixed | 0.8-18 | package | |
| avahi | no-dsa | trixie | package | |
| avahi | no-dsa | bookworm | package | |
| avahi | postponed | bullseye | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2326429
https://github.com/avahi/avahi/issues/254
https://github.com/avahi/avahi/issues/254#issuecomment-2480519212
turn off wide-area feature: https://github.com/avahi/avahi/pull/577
Revisiting of feature: https://github.com/avahi/avahi/issues/578
https://github.com/avahi/avahi/security/advisories/GHSA-r9j3-vjjh-p8vm
Mitiated by default since avahi/0.8-17 with enable-wide-area=no
Связанные уязвимости
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.
Avahi: avahi wide-area dns predictable transaction ids
