Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-68468

Опубликовано: 12 янв. 2026
Источник: debian
EPSS Низкий

Описание

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they expire avahi-daemon crashes.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
avahifixed0.8-18package
avahino-dsatrixiepackage
avahino-dsabookwormpackage
avahipostponedbullseyepackage

Примечания

  • https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52

  • https://github.com/avahi/avahi/issues/683

  • Fixed by: https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a

EPSS

Процентиль: 2%
0.00014
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-68468

CVSS3: 6.5
ubuntu
3 месяца назад

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they expire avahi-daemon crashes.

redhat логотип

CVE-2025-68468

CVSS3: 6.5
redhat
3 месяца назад

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they expire avahi-daemon crashes.

nvd логотип

CVE-2025-68468

CVSS3: 6.5
nvd
3 месяца назад

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they expire avahi-daemon crashes.

msrc логотип

CVE-2025-68468

CVSS3: 6.5
msrc
3 месяца назад

Avahi has a reachable assertion in lookup_multicast_callback

fstec логотип

BDU:2026-03598

CVSS3: 6.5
fstec
3 месяца назад

Уязвимость системы обнаружения сервисов в локальной сети Avahi, связанная с недостатком использования функции assert(), позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 2%
0.00014
Низкий