Search CVE reports
1 – 10 of 21 results
CVE-2024-52616
Medium priorityA flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks,...
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | Vulnerable | Vulnerable | Vulnerable | Needs evaluation | Needs evaluation |
CVE-2024-52615
Medium priorityA flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | Vulnerable | Vulnerable | Vulnerable | Needs evaluation | Needs evaluation |
CVE-2023-38473
Medium prioritySome fixes available 7 of 8
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-38472
Medium prioritySome fixes available 7 of 8
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-38471
Medium prioritySome fixes available 7 of 8
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-38470
Medium prioritySome fixes available 7 of 8
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-38469
Medium prioritySome fixes available 7 of 8
A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-1981
Medium priorityA vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | — | Fixed | Fixed | Fixed | Fixed |
CVE-2021-3468
Medium priorityA flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to...
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | — | Fixed | Fixed | Fixed | Fixed |
CVE-2021-3502
Medium priorityA flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or...
1 affected packages
avahi
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
avahi | — | Fixed | Not affected | Not affected | Not affected |