rpm package
opensuse/avahi&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/avahi&distro=openSUSE%20Leap%2015.5
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-52616 | Med | 5.3 | < 0.8-150400.7.20.1 | 0.8-150400.7.20.1 | Nov 21, 2024 | A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs. | |
| CVE-2023-38473 | — | < 0.8-150400.7.10.1 | 0.8-150400.7.10.1 | Nov 2, 2023 | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. | ||
| CVE-2023-38472 | — | < 0.8-150400.7.13.1 | 0.8-150400.7.13.1 | Nov 2, 2023 | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. | ||
| CVE-2023-38471 | — | < 0.8-150400.7.16.1 | 0.8-150400.7.16.1 | Nov 2, 2023 | A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. | ||
| CVE-2023-38470 | — | < 0.8-150400.7.10.1 | 0.8-150400.7.10.1 | Nov 2, 2023 | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. | ||
| CVE-2023-38469 | — | < 0.8-150400.7.16.1 | 0.8-150400.7.16.1 | Nov 2, 2023 | A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. |
- affected < 0.8-150400.7.20.1fixed 0.8-150400.7.20.1
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.
- CVE-2023-38473Nov 2, 2023affected < 0.8-150400.7.10.1fixed 0.8-150400.7.10.1
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.
- CVE-2023-38472Nov 2, 2023affected < 0.8-150400.7.13.1fixed 0.8-150400.7.13.1
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.
- CVE-2023-38471Nov 2, 2023affected < 0.8-150400.7.16.1fixed 0.8-150400.7.16.1
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.
- CVE-2023-38470Nov 2, 2023affected < 0.8-150400.7.10.1fixed 0.8-150400.7.10.1
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.
- CVE-2023-38469Nov 2, 2023affected < 0.8-150400.7.16.1fixed 0.8-150400.7.16.1
A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.