CVE-2025-68468

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Avahi versions prior to 0.9-rc2

Description Avahi, a system for local network service discovery using the mDNS/DNS-SD protocol suite, is susceptible to a crash issue. Sending unsolicited announcements containing CNAME resource records that point to resource records with short Time To Live (TTL) values can cause avahi-daemon to crash when the TTLs expire.

Recommendations Update Avahi to version 0.9-rc2 or later.

Exploit

Fix

DoS

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

AZL-74274

AZL-74288

BDU:2026-03598

CVE-2025-68468

ECHO-7F70-08B9-6DF6

GHSA-CP79-R4X9-VF52

MGASA-2026-0016

OESA-2026-1236

OPENSUSE-SU-2026:10052-1

OPENSUSE-SU-2026:20110-1

RHSA-2026:11316

SUSE-SU-2026:0143-1

SUSE-SU-2026:0259-1

SUSE-SU-2026:0422-1

SUSE-SU-2026:0577-1

SUSE-SU-2026:20145-1

SUSE-SU-2026:20167-1

SUSE-SU-2026:20525-1

SUSE-SU-2026:21445-1

USN-7967-1

Affected Products

Avahi

Linuxmint

Red Os

Ubuntu

CVE-2025-68468

Weakness Enumeration

Related Identifiers

Affected Products

References · 59