RHSA-2026:11316
Vulnerability from csaf_redhat - Published: 2026-04-28 04:05 - Updated: 2026-04-28 04:07Summary
Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
Severity
Moderate
Notes
Topic: An update for Red Hat Hardened Images RPMs is now available.
Details: This update includes the following RPMs:
avahi:
* avahi-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-autoipd-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-compat-howl-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-compat-howl-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-compat-libdns_sd-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-compat-libdns_sd-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-dnsconfd-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-glib-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-glib-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-gobject-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-gobject-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-libs-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt3-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt3-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt4-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt4-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt5-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt5-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-sharp-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-tools-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-gtk3-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-sharp-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-sharp-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-tools-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-0.9~rc4-0.1.hum1.src (src)
Security Fix(es):
avahi:
* CVE-2025-68276
* CVE-2025-68468
* CVE-2025-68471
* CVE-2026-24401
* CVE-2026-34933
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Avahi, a system that facilitates service discovery on a local network. An unprivileged local user can exploit this vulnerability by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can lead to a Denial of Service (DoS) by crashing the avahi-daemon, making the service unavailable.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
A flaw was found in Avahi. A remote attacker can cause a Denial of Service (DoS) by sending specially crafted unsolicited announcements containing CNAME resource records. These records, when pointing to other resource records with short Time-To-Live (TTL) values, can lead to the `avahi-daemon` crashing once they expire. This vulnerability impacts the availability of services relying on Avahi's service discovery.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
A flaw was found in Avahi, a system that enables devices to discover services on a local network using the mDNS/DNS-SD (Multicast Domain Name System/DNS-based Service Discovery) protocols. A remote attacker can exploit this by sending two specific network messages, known as unsolicited announcements with CNAME resource records, within a two-second timeframe. This action can cause the `avahi-daemon` process to crash, leading to a Denial of Service (DoS) for the affected system.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
A flaw was found in Avahi, a system that enables devices to discover services on a local network. A remote attacker can exploit this vulnerability by sending a specially crafted mDNS (multicast Domain Name System) response containing a recursive CNAME (Canonical Name) record. This triggers an uncontrolled recursion within the avahi-daemon process, leading to stack exhaustion and causing the service to crash. This results in a denial of service (DoS) for affected systems.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
Workaround
To mitigate this issue, disable the avahi-daemon service if mDNS/DNS-SD functionality is not required on the system.
```bash
sudo systemctl disable --now avahi-daemon.service
sudo systemctl mask avahi-daemon.service
```
Disabling this service may impact applications relying on mDNS for local network service discovery. A system reboot or service reload may be required for the changes to take full effect.
A flaw was found in Avahi. An unprivileged local user can exploit this vulnerability by sending a D-Bus method call with conflicting publish flags. This can lead to a denial of service (DoS) by crashing the avahi-daemon, making the service unavailable.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\navahi:\n * avahi-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-autoipd-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-compat-howl-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-compat-howl-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-compat-libdns_sd-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-compat-libdns_sd-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-dnsconfd-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-glib-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-glib-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-gobject-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-gobject-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-libs-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt3-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt3-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt4-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt4-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt5-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt5-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-sharp-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-tools-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-gtk3-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-sharp-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-sharp-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-tools-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-0.9~rc4-0.1.hum1.src (src)\n\nSecurity Fix(es):\n\navahi:\n * CVE-2025-68276\n * CVE-2025-68468\n * CVE-2025-68471\n * CVE-2026-24401\n * CVE-2026-34933",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11316",
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68276",
"url": "https://access.redhat.com/security/cve/CVE-2025-68276"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68468",
"url": "https://access.redhat.com/security/cve/CVE-2025-68468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68471",
"url": "https://access.redhat.com/security/cve/CVE-2025-68471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24401",
"url": "https://access.redhat.com/security/cve/CVE-2026-24401"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34933",
"url": "https://access.redhat.com/security/cve/CVE-2026-34933"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11316.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update",
"tracking": {
"current_release_date": "2026-04-28T04:07:18+00:00",
"generator": {
"date": "2026-04-28T04:07:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:11316",
"initial_release_date": "2026-04-28T04:05:00+00:00",
"revision_history": [
{
"date": "2026-04-28T04:05:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-28T04:06:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-28T04:07:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-main@aarch64",
"product": {
"name": "avahi-main@aarch64",
"product_id": "avahi-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/avahi@0.9~rc4-0.1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-main@src",
"product": {
"name": "avahi-main@src",
"product_id": "avahi-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/avahi@0.9~rc4-0.1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-main@x86_64",
"product": {
"name": "avahi-main@x86_64",
"product_id": "avahi-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/avahi@0.9~rc4-0.1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:avahi-main@aarch64"
},
"product_reference": "avahi-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:avahi-main@src"
},
"product_reference": "avahi-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:avahi-main@x86_64"
},
"product_reference": "avahi-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68276",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-01-12T18:01:32.877107+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428713"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi, a system that facilitates service discovery on a local network. An unprivileged local user can exploit this vulnerability by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can lead to a Denial of Service (DoS) by crashing the avahi-daemon, making the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68276"
},
{
"category": "external",
"summary": "RHBZ#2428713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428713"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68276"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68276",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68276"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/ede7048475c5d47d53890e3bc1350dda8e0b3688",
"url": "https://github.com/avahi/avahi/commit/ede7048475c5d47d53890e3bc1350dda8e0b3688"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/pull/806",
"url": "https://github.com/avahi/avahi/pull/806"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc"
}
],
"release_date": "2026-01-12T17:31:49.652000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag"
},
{
"cve": "CVE-2025-68468",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-01-12T18:01:40.703037+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi. A remote attacker can cause a Denial of Service (DoS) by sending specially crafted unsolicited announcements containing CNAME resource records. These records, when pointing to other resource records with short Time-To-Live (TTL) values, can lead to the `avahi-daemon` crashing once they expire. This vulnerability impacts the availability of services relying on Avahi\u0027s service discovery.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68468"
},
{
"category": "external",
"summary": "RHBZ#2428714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68468"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a",
"url": "https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/issues/683",
"url": "https://github.com/avahi/avahi/issues/683"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52"
}
],
"release_date": "2026-01-12T17:38:10.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements"
},
{
"cve": "CVE-2025-68471",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-01-12T18:02:06.037426+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428717"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi, a system that enables devices to discover services on a local network using the mDNS/DNS-SD (Multicast Domain Name System/DNS-based Service Discovery) protocols. A remote attacker can exploit this by sending two specific network messages, known as unsolicited announcements with CNAME resource records, within a two-second timeframe. This action can cause the `avahi-daemon` process to crash, leading to a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: Avahi: Denial of Service via unsolicited CNAME announcements",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68471"
},
{
"category": "external",
"summary": "RHBZ#2428717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428717"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68471"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1",
"url": "https://github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/issues/678",
"url": "https://github.com/avahi/avahi/issues/678"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmg",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmg"
}
],
"release_date": "2026-01-12T17:39:57.416000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: Avahi: Denial of Service via unsolicited CNAME announcements"
},
{
"cve": "CVE-2026-24401",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2026-01-24T02:01:37.641693+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2432534"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi, a system that enables devices to discover services on a local network. A remote attacker can exploit this vulnerability by sending a specially crafted mDNS (multicast Domain Name System) response containing a recursive CNAME (Canonical Name) record. This triggers an uncontrolled recursion within the avahi-daemon process, leading to stack exhaustion and causing the service to crash. This results in a denial of service (DoS) for affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact flaw in Avahi\u0027s `avahi-daemon` can lead to a denial of service. An attacker on the local network could send a specially crafted, unsolicited mDNS response containing a recursive CNAME record, causing unbounded recursion and a crash. This affects systems where Avahi\u0027s record browsers explicitly use multicast, such as those utilizing `nss-mdns`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24401"
},
{
"category": "external",
"summary": "RHBZ#2432534",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432534"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24401"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524",
"url": "https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/issues/501",
"url": "https://github.com/avahi/avahi/issues/501"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3"
}
],
"release_date": "2026-01-24T01:25:02.294000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the avahi-daemon service if mDNS/DNS-SD functionality is not required on the system.\n\n```bash\nsudo systemctl disable --now avahi-daemon.service\nsudo systemctl mask avahi-daemon.service\n```\n\nDisabling this service may impact applications relying on mDNS for local network service discovery. A system reboot or service reload may be required for the changes to take full effect.",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response"
},
{
"cve": "CVE-2026-34933",
"cwe": {
"id": "CWE-1288",
"name": "Improper Validation of Consistency within Input"
},
"discovery_date": "2026-04-03T23:01:28.844635+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2454978"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi. An unprivileged local user can exploit this vulnerability by sending a D-Bus method call with conflicting publish flags. This can lead to a denial of service (DoS) by crashing the avahi-daemon, making the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: avahi-daemon: Avahi: Denial of Service via D-Bus method call",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34933"
},
{
"category": "external",
"summary": "RHBZ#2454978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454978"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34933"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34933",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34933"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c",
"url": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/pull/891",
"url": "https://github.com/avahi/avahi/pull/891"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"
}
],
"release_date": "2026-04-03T22:43:26.683000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: avahi-daemon: Avahi: Denial of Service via D-Bus method call"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…