Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-68276

Опубликовано: 12 янв. 2026
Источник: nvd
CVSS3: 5.5
EPSS Низкий

Описание

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local users can crash avahi-daemon (with wide-area disabled) by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can be done by either calling the RecordBrowserNew method directly or creating hostname/address/service resolvers/browsers that create those browsers internally themselves.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*
Версия до 0.9 (исключая)
cpe:2.3:a:avahi:avahi:0.9:rc1:*:*:*:*:*:*

EPSS

Процентиль: 0%
0.00006
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-617

Связанные уязвимости

ubuntu логотип

CVE-2025-68276

CVSS3: 5.5
ubuntu
3 месяца назад

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local users can crash avahi-daemon (with wide-area disabled) by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can be done by either calling the RecordBrowserNew method directly or creating hostname/address/service resolvers/browsers that create those browsers internally themselves.

redhat логотип

CVE-2025-68276

CVSS3: 5.5
redhat
3 месяца назад

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local users can crash avahi-daemon (with wide-area disabled) by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can be done by either calling the RecordBrowserNew method directly or creating hostname/address/service resolvers/browsers that create those browsers internally themselves.

msrc логотип

CVE-2025-68276

CVSS3: 5.5
msrc
3 месяца назад

Avahi has a reachable assertion in avahi_wide_area_scan_cache

debian логотип

CVE-2025-68276

CVSS3: 5.5
debian
3 месяца назад

Avahi is a system which facilitates service discovery on a local netwo ...

fstec логотип

BDU:2026-03597

CVSS3: 5.5
fstec
3 месяца назад

Уязвимость системы обнаружения сервисов в локальной сети Avahi, связанная с недостатком использования функции assert(), позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 0%
0.00006
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-617