CVE-2026-24401

CVE-2026-24401

Name

CVE-2026-24401

Description

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonical name point to the same domain (e.g., "h.local" as a CNAME for "h.local"). This causes unbounded recursion in the lookup_handle_cname function, leading to stack exhaustion. The vulnerability affects record browsers where AVAHI_LOOKUP_USE_MULTICAST is set explicitly, which includes record browsers created by resolvers used by nss-mdns. This issue is patched in commit 78eab31128479f06e30beb8c1cbf99dd921e2524.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
security-advisories@github.com	https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524
security-advisories@github.com	https://github.com/avahi/avahi/issues/501
security-advisories@github.com	https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3

Type

URI

security-advisories@github.com

https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524

security-advisories@github.com

https://github.com/avahi/avahi/issues/501

security-advisories@github.com

https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:avahi:avahi::::::::`	avahi	>= None	< 0.9

CPE URI

Source package

Min version

Max version

cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*

avahi

>= None

< 0.9

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
avahi	edge-main	0.8-r23	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r22	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r21	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r20	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r19	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r18	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r17	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r16	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r15	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r14	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r13	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r12	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r11	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r10	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r9	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r8	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r6	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r5	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r4	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.8-r3	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	edge-main	0.7-r2	None	possibly vulnerable
avahi	3.23-main	0.8-r23	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.22-main	0.8-r21	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.22-main	0.8-r20	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.22-main	0.8-r16	None	possibly vulnerable
avahi	3.22-main	0.8-r15	None	possibly vulnerable
avahi	3.22-main	0.8-r14	None	possibly vulnerable
avahi	3.22-main	0.8-r5	None	possibly vulnerable
avahi	3.22-main	0.8-r4	None	possibly vulnerable
avahi	3.22-main	0.7-r2	None	possibly vulnerable
avahi	3.21-main	0.8-r19	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.21-main	0.8-r16	None	possibly vulnerable
avahi	3.21-main	0.8-r15	None	possibly vulnerable
avahi	3.21-main	0.8-r14	None	possibly vulnerable
avahi	3.21-main	0.8-r5	None	possibly vulnerable
avahi	3.21-main	0.8-r4	None	possibly vulnerable
avahi	3.21-main	0.7-r2	None	possibly vulnerable
avahi	3.20-main	0.8-r17	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.20-main	0.8-r16	None	possibly vulnerable
avahi	3.20-main	0.8-r15	None	possibly vulnerable
avahi	3.20-main	0.8-r14	None	possibly vulnerable
avahi	3.20-main	0.8-r5	None	possibly vulnerable
avahi	3.20-main	0.8-r4	None	possibly vulnerable
avahi	3.20-main	0.7-r2	None	possibly vulnerable
avahi	3.19-main	0.8-r16	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.19-main	0.8-r15	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.19-main	0.8-r14	None	possibly vulnerable
avahi	3.19-main	0.8-r13	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
avahi	3.19-main	0.8-r5	None	possibly vulnerable
avahi	3.19-main	0.8-r4	None	possibly vulnerable
avahi	3.19-main	0.7-r2	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages