CVE-2025-68276

CVE-2025-68276

Name

CVE-2025-68276

Description

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local users can crash avahi-daemon (with wide-area disabled) by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can be done by either calling the RecordBrowserNew method directly or creating hostname/address/service resolvers/browsers that create those browsers internally themselves.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://github.com/avahi/avahi/commit/ede7048475c5d47d53890e3bc1350dda8e0b3688
MISC	https://github.com/avahi/avahi/pull/806
CONFIRM	https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc

Type

URI

MISC

https://github.com/avahi/avahi/commit/ede7048475c5d47d53890e3bc1350dda8e0b3688

MISC

https://github.com/avahi/avahi/pull/806

CONFIRM

https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc

CPE URI	Source package	Min version	Max version
	avahi	>= 0	<= 0.9-rc2

CPE URI

Source package

Min version

Max version

avahi

>= 0

<= 0.9-rc2

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
avahi	edge-main	0.8-r23	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r22	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r21	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r20	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r19	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r18	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r17	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r16	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r15	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r14	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r13	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r12	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r11	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r10	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r9	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r8	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r6	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r5	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.7-r2	None	possibly vulnerable
avahi	3.23-main	0.8-r23	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.22-main	0.8-r21	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.22-main	0.8-r20	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.22-main	0.8-r16	None	possibly vulnerable
avahi	3.22-main	0.8-r15	None	possibly vulnerable
avahi	3.22-main	0.8-r14	None	possibly vulnerable
avahi	3.22-main	0.8-r5	None	possibly vulnerable
avahi	3.22-main	0.8-r4	None	possibly vulnerable
avahi	3.22-main	0.7-r2	None	possibly vulnerable
avahi	3.21-main	0.8-r19	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.21-main	0.8-r16	None	possibly vulnerable
avahi	3.21-main	0.8-r15	None	possibly vulnerable
avahi	3.21-main	0.8-r14	None	possibly vulnerable
avahi	3.21-main	0.8-r5	None	possibly vulnerable
avahi	3.21-main	0.8-r4	None	possibly vulnerable
avahi	3.21-main	0.7-r2	None	possibly vulnerable
avahi	3.20-main	0.8-r17	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.20-main	0.8-r16	None	possibly vulnerable
avahi	3.20-main	0.8-r15	None	possibly vulnerable
avahi	3.20-main	0.8-r14	None	possibly vulnerable
avahi	3.20-main	0.8-r5	None	possibly vulnerable
avahi	3.20-main	0.8-r4	None	possibly vulnerable
avahi	3.20-main	0.7-r2	None	possibly vulnerable
avahi	3.19-main	0.8-r16	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.19-main	0.8-r15	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.19-main	0.8-r14	None	possibly vulnerable
avahi	3.19-main	0.8-r13	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.19-main	0.8-r5	None	possibly vulnerable
avahi	3.19-main	0.8-r4	None	possibly vulnerable
avahi	3.19-main	0.7-r2	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages