Unrated severityNVD Advisory· Published Jan 12, 2026· Updated Jan 12, 2026
Avahi has a reachable assertion in lookup_start
CVE-2025-68471
Description
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
28- Range: <= 0.9-rc2
- osv-coords27 versionspkg:apk/chainguard/avahipkg:apk/chainguard/avahi-devpkg:apk/wolfi/avahipkg:apk/wolfi/avahi-devpkg:rpm/opensuse/avahi&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/avahi&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/avahi&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/avahi-glib2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/avahi-glib2&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/avahi-qt5&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/avahi-qt6&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/avahi-glib2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/avahi-glib2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7pkg:rpm/suse/avahi-glib2&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/avahi-glib2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 0.9_rc2-r1+ 26 more
- (no CPE)range: < 0.9_rc2-r1
- (no CPE)range: < 0.9_rc3-r0
- (no CPE)range: < 0.9_rc2-r1
- (no CPE)range: < 0.9_rc3-r0
- (no CPE)range: < 0.8-150600.15.12.1
- (no CPE)range: < 0.8-160000.4.1
- (no CPE)range: < 0.8-41.1
- (no CPE)range: < 0.8-150600.15.12.1
- (no CPE)range: < 0.8-160000.4.1
- (no CPE)range: < 0.8-150600.15.12.1
- (no CPE)range: < 0.8-160000.4.1
- (no CPE)range: < 0.7-150100.3.46.1
- (no CPE)range: < 0.8-150400.7.26.1
- (no CPE)range: < 0.8-150400.7.26.1
- (no CPE)range: < 0.8-150400.7.26.1
- (no CPE)range: < 0.8-150600.15.12.1
- (no CPE)range: < 0.8-150600.15.12.1
- (no CPE)range: < 0.8-150600.15.12.1
- (no CPE)range: < 0.8-160000.4.1
- (no CPE)range: < 0.8-160000.4.1
- (no CPE)range: < 0.6.32-32.36.1
- (no CPE)range: < 0.8-7.1
- (no CPE)range: < 0.8-160000.4.1
- (no CPE)range: < 0.8-150600.15.12.1
- (no CPE)range: < 0.8-150600.15.12.1
- (no CPE)range: < 0.8-160000.4.1
- (no CPE)range: < 0.8-160000.4.1
Patches
Vulnerability mechanics
References
3- github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1mitrex_refsource_MISC
- github.com/avahi/avahi/issues/678mitrex_refsource_MISC
- github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmgmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.