CVE-2025-68471

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Avahi versions prior to 0.9-rc2

Description Avahi, a system for service discovery on a local network using the mDNS/DNS-SD protocol suite, is susceptible to a denial-of-service condition. Specifically, the avahi-daemon process can be crashed by receiving two unsolicited announcements containing CNAME resource records within a two-second interval.

Recommendations Update to version 0.9-rc2 or later.

Exploit

Fix

DoS

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

AZL-74277

AZL-74291

BDU:2026-03599

CVE-2025-68471

ECHO-B6A0-85DE-738F

GHSA-56RF-42XR-QMMG

MGASA-2026-0016

OESA-2026-1236

OPENSUSE-SU-2026:10052-1

OPENSUSE-SU-2026:20110-1

RHSA-2026:11316

SUSE-SU-2026:0143-1

SUSE-SU-2026:0259-1

SUSE-SU-2026:0422-1

SUSE-SU-2026:0577-1

SUSE-SU-2026:20145-1

SUSE-SU-2026:20167-1

SUSE-SU-2026:20525-1

SUSE-SU-2026:21445-1

USN-7967-1

Affected Products

Avahi

Linuxmint

Red Os

Ubuntu

CVE-2025-68471

Weakness Enumeration

Related Identifiers

Affected Products

References · 59