INFSA-2025:11402: avahi security update
Information about definition
Identificator: INFSA-2025:11402
Type: security
Release date: 2025-07-25 11:06:43 UTC
Information about package
Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers.
Vulnerabilities description
- CVE-2024-52615
A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-52615
|
no information | 5.3 | no information |
Updated packages