Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-34933 (GCVE-0-2026-34933)
Vulnerability from cvelistv5 – Published: 2026-04-03 22:43 – Updated: 2026-04-11 18:09
VLAI?
EPSS
Title
Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon
Summary
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.
Severity ?
5.5 (Medium)
CWE
- CWE-617 - Reachable Assertion
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34933",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T16:09:17.006482Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T16:09:21.475Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-04-11T18:09:34.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/04/11/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "avahi",
"vendor": "avahi",
"versions": [
{
"status": "affected",
"version": "\u003c 0.9-rc4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-617",
"description": "CWE-617: Reachable Assertion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-03T22:43:26.683Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"
},
{
"name": "https://github.com/avahi/avahi/pull/891",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/avahi/avahi/pull/891"
},
{
"name": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c"
}
],
"source": {
"advisory": "GHSA-w65r-6gxh-vhvc",
"discovery": "UNKNOWN"
},
"title": "Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34933",
"datePublished": "2026-04-03T22:43:26.683Z",
"dateReserved": "2026-03-31T17:27:08.659Z",
"dateUpdated": "2026-04-11T18:09:34.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-34933",
"date": "2026-05-05",
"epss": "0.00022",
"percentile": "0.06086"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-34933\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-04-03T23:17:05.377\",\"lastModified\":\"2026-04-13T17:26:03.063\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-617\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.9\",\"matchCriteriaId\":\"6481267F-934F-4A0C-9B25-59738E798458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avahi:avahi:0.9:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"76971590-AEED-4CB1-B7B7-45EA8FD11524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avahi:avahi:0.9:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"83D94AE4-46AC-4955-BB0D-193CF79149A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avahi:avahi:0.9:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"42B0E12E-E0CC-47B5-B7D3-9FF12156B68E\"}]}]}],\"references\":[{\"url\":\"https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/avahi/avahi/pull/891\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/04/11/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2026/04/11/9\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-04-11T18:09:34.774Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-34933\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-06T16:09:17.006482Z\"}}}], \"references\": [{\"url\": \"https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-06T16:09:12.363Z\"}}], \"cna\": {\"title\": \"Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon\", \"source\": {\"advisory\": \"GHSA-w65r-6gxh-vhvc\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"avahi\", \"product\": \"avahi\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.9-rc4\"}]}], \"references\": [{\"url\": \"https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc\", \"name\": \"https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/avahi/avahi/pull/891\", \"name\": \"https://github.com/avahi/avahi/pull/891\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c\", \"name\": \"https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-617\", \"description\": \"CWE-617: Reachable Assertion\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-04-03T22:43:26.683Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-34933\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-11T18:09:34.774Z\", \"dateReserved\": \"2026-03-31T17:27:08.659Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-04-03T22:43:26.683Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:21417-1
Vulnerability from csaf_suse - Published: 2026-04-29 11:16 - Updated: 2026-04-29 11:16Summary
Security update for avahi
Severity
Moderate
Notes
Title of the patch: Security update for avahi
Description of the patch: This update for avahi fixes the following issues:
- CVE-2026-34933: reachable assertion in `transport_flags_from_domain` can crash the `avahi-daemon` (bsc#1261546).
Patchnames: SUSE-SLE-Micro-6.0-693
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for avahi",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for avahi fixes the following issues:\n\n- CVE-2026-34933: reachable assertion in `transport_flags_from_domain` can crash the `avahi-daemon` (bsc#1261546).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-693",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21417-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21417-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621417-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21417-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/046119.html"
},
{
"category": "self",
"summary": "SUSE Bug 1261546",
"url": "https://bugzilla.suse.com/1261546"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34933 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34933/"
}
],
"title": "Security update for avahi",
"tracking": {
"current_release_date": "2026-04-29T11:16:55Z",
"generator": {
"date": "2026-04-29T11:16:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21417-1",
"initial_release_date": "2026-04-29T11:16:55Z",
"revision_history": [
{
"date": "2026-04-29T11:16:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "avahi-0.8-9.1.aarch64",
"product": {
"name": "avahi-0.8-9.1.aarch64",
"product_id": "avahi-0.8-9.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-client3-0.8-9.1.aarch64",
"product": {
"name": "libavahi-client3-0.8-9.1.aarch64",
"product_id": "libavahi-client3-0.8-9.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-common3-0.8-9.1.aarch64",
"product": {
"name": "libavahi-common3-0.8-9.1.aarch64",
"product_id": "libavahi-common3-0.8-9.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-core7-0.8-9.1.aarch64",
"product": {
"name": "libavahi-core7-0.8-9.1.aarch64",
"product_id": "libavahi-core7-0.8-9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-0.8-9.1.s390x",
"product": {
"name": "avahi-0.8-9.1.s390x",
"product_id": "avahi-0.8-9.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-client3-0.8-9.1.s390x",
"product": {
"name": "libavahi-client3-0.8-9.1.s390x",
"product_id": "libavahi-client3-0.8-9.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-common3-0.8-9.1.s390x",
"product": {
"name": "libavahi-common3-0.8-9.1.s390x",
"product_id": "libavahi-common3-0.8-9.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-core7-0.8-9.1.s390x",
"product": {
"name": "libavahi-core7-0.8-9.1.s390x",
"product_id": "libavahi-core7-0.8-9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-0.8-9.1.x86_64",
"product": {
"name": "avahi-0.8-9.1.x86_64",
"product_id": "avahi-0.8-9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-client3-0.8-9.1.x86_64",
"product": {
"name": "libavahi-client3-0.8-9.1.x86_64",
"product_id": "libavahi-client3-0.8-9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-common3-0.8-9.1.x86_64",
"product": {
"name": "libavahi-common3-0.8-9.1.x86_64",
"product_id": "libavahi-common3-0.8-9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-core7-0.8-9.1.x86_64",
"product": {
"name": "libavahi-core7-0.8-9.1.x86_64",
"product_id": "libavahi-core7-0.8-9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-0.8-9.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:avahi-0.8-9.1.aarch64"
},
"product_reference": "avahi-0.8-9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-0.8-9.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:avahi-0.8-9.1.s390x"
},
"product_reference": "avahi-0.8-9.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-0.8-9.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:avahi-0.8-9.1.x86_64"
},
"product_reference": "avahi-0.8-9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-0.8-9.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.aarch64"
},
"product_reference": "libavahi-client3-0.8-9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-0.8-9.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.s390x"
},
"product_reference": "libavahi-client3-0.8-9.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-0.8-9.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.x86_64"
},
"product_reference": "libavahi-client3-0.8-9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-0.8-9.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.aarch64"
},
"product_reference": "libavahi-common3-0.8-9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-0.8-9.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.s390x"
},
"product_reference": "libavahi-common3-0.8-9.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-0.8-9.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.x86_64"
},
"product_reference": "libavahi-common3-0.8-9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-core7-0.8-9.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.aarch64"
},
"product_reference": "libavahi-core7-0.8-9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-core7-0.8-9.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.s390x"
},
"product_reference": "libavahi-core7-0.8-9.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-core7-0.8-9.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.x86_64"
},
"product_reference": "libavahi-core7-0.8-9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34933"
}
],
"notes": [
{
"category": "general",
"text": "Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:avahi-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:avahi-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:avahi-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34933",
"url": "https://www.suse.com/security/cve/CVE-2026-34933"
},
{
"category": "external",
"summary": "SUSE Bug 1261546 for CVE-2026-34933",
"url": "https://bugzilla.suse.com/1261546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:avahi-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:avahi-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:avahi-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:avahi-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:avahi-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:avahi-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-client3-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-common3-0.8-9.1.x86_64",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.aarch64",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.s390x",
"SUSE Linux Micro 6.0:libavahi-core7-0.8-9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-29T11:16:55Z",
"details": "moderate"
}
],
"title": "CVE-2026-34933"
}
]
}
OPENSUSE-SU-2026:10670-1
Vulnerability from csaf_opensuse - Published: 2026-05-04 00:00 - Updated: 2026-05-04 00:00Summary
avahi-0.8-43.1 on GA media
Severity
Moderate
Notes
Title of the patch: avahi-0.8-43.1 on GA media
Description of the patch: These are all security issues fixed in the avahi-0.8-43.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10670
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "avahi-0.8-43.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the avahi-0.8-43.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10670",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10670-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34933 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34933/"
}
],
"title": "avahi-0.8-43.1 on GA media",
"tracking": {
"current_release_date": "2026-05-04T00:00:00Z",
"generator": {
"date": "2026-05-04T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10670-1",
"initial_release_date": "2026-05-04T00:00:00Z",
"revision_history": [
{
"date": "2026-05-04T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "avahi-0.8-43.1.aarch64",
"product": {
"name": "avahi-0.8-43.1.aarch64",
"product_id": "avahi-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "avahi-autoipd-0.8-43.1.aarch64",
"product": {
"name": "avahi-autoipd-0.8-43.1.aarch64",
"product_id": "avahi-autoipd-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "avahi-compat-howl-devel-0.8-43.1.aarch64",
"product": {
"name": "avahi-compat-howl-devel-0.8-43.1.aarch64",
"product_id": "avahi-compat-howl-devel-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64",
"product": {
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64",
"product_id": "avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "avahi-lang-0.8-43.1.aarch64",
"product": {
"name": "avahi-lang-0.8-43.1.aarch64",
"product_id": "avahi-lang-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "avahi-utils-0.8-43.1.aarch64",
"product": {
"name": "avahi-utils-0.8-43.1.aarch64",
"product_id": "avahi-utils-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-client3-0.8-43.1.aarch64",
"product": {
"name": "libavahi-client3-0.8-43.1.aarch64",
"product_id": "libavahi-client3-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-client3-32bit-0.8-43.1.aarch64",
"product": {
"name": "libavahi-client3-32bit-0.8-43.1.aarch64",
"product_id": "libavahi-client3-32bit-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-common3-0.8-43.1.aarch64",
"product": {
"name": "libavahi-common3-0.8-43.1.aarch64",
"product_id": "libavahi-common3-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-common3-32bit-0.8-43.1.aarch64",
"product": {
"name": "libavahi-common3-32bit-0.8-43.1.aarch64",
"product_id": "libavahi-common3-32bit-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-core7-0.8-43.1.aarch64",
"product": {
"name": "libavahi-core7-0.8-43.1.aarch64",
"product_id": "libavahi-core7-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-devel-0.8-43.1.aarch64",
"product": {
"name": "libavahi-devel-0.8-43.1.aarch64",
"product_id": "libavahi-devel-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavahi-libevent1-0.8-43.1.aarch64",
"product": {
"name": "libavahi-libevent1-0.8-43.1.aarch64",
"product_id": "libavahi-libevent1-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libdns_sd-0.8-43.1.aarch64",
"product": {
"name": "libdns_sd-0.8-43.1.aarch64",
"product_id": "libdns_sd-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libdns_sd-32bit-0.8-43.1.aarch64",
"product": {
"name": "libdns_sd-32bit-0.8-43.1.aarch64",
"product_id": "libdns_sd-32bit-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "libhowl0-0.8-43.1.aarch64",
"product": {
"name": "libhowl0-0.8-43.1.aarch64",
"product_id": "libhowl0-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-avahi-0.8-43.1.aarch64",
"product": {
"name": "python311-avahi-0.8-43.1.aarch64",
"product_id": "python311-avahi-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "python313-avahi-0.8-43.1.aarch64",
"product": {
"name": "python313-avahi-0.8-43.1.aarch64",
"product_id": "python313-avahi-0.8-43.1.aarch64"
}
},
{
"category": "product_version",
"name": "python314-avahi-0.8-43.1.aarch64",
"product": {
"name": "python314-avahi-0.8-43.1.aarch64",
"product_id": "python314-avahi-0.8-43.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-0.8-43.1.ppc64le",
"product": {
"name": "avahi-0.8-43.1.ppc64le",
"product_id": "avahi-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "avahi-autoipd-0.8-43.1.ppc64le",
"product": {
"name": "avahi-autoipd-0.8-43.1.ppc64le",
"product_id": "avahi-autoipd-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "avahi-compat-howl-devel-0.8-43.1.ppc64le",
"product": {
"name": "avahi-compat-howl-devel-0.8-43.1.ppc64le",
"product_id": "avahi-compat-howl-devel-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le",
"product": {
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le",
"product_id": "avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "avahi-lang-0.8-43.1.ppc64le",
"product": {
"name": "avahi-lang-0.8-43.1.ppc64le",
"product_id": "avahi-lang-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "avahi-utils-0.8-43.1.ppc64le",
"product": {
"name": "avahi-utils-0.8-43.1.ppc64le",
"product_id": "avahi-utils-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavahi-client3-0.8-43.1.ppc64le",
"product": {
"name": "libavahi-client3-0.8-43.1.ppc64le",
"product_id": "libavahi-client3-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavahi-client3-32bit-0.8-43.1.ppc64le",
"product": {
"name": "libavahi-client3-32bit-0.8-43.1.ppc64le",
"product_id": "libavahi-client3-32bit-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavahi-common3-0.8-43.1.ppc64le",
"product": {
"name": "libavahi-common3-0.8-43.1.ppc64le",
"product_id": "libavahi-common3-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavahi-common3-32bit-0.8-43.1.ppc64le",
"product": {
"name": "libavahi-common3-32bit-0.8-43.1.ppc64le",
"product_id": "libavahi-common3-32bit-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavahi-core7-0.8-43.1.ppc64le",
"product": {
"name": "libavahi-core7-0.8-43.1.ppc64le",
"product_id": "libavahi-core7-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavahi-devel-0.8-43.1.ppc64le",
"product": {
"name": "libavahi-devel-0.8-43.1.ppc64le",
"product_id": "libavahi-devel-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavahi-libevent1-0.8-43.1.ppc64le",
"product": {
"name": "libavahi-libevent1-0.8-43.1.ppc64le",
"product_id": "libavahi-libevent1-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libdns_sd-0.8-43.1.ppc64le",
"product": {
"name": "libdns_sd-0.8-43.1.ppc64le",
"product_id": "libdns_sd-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libdns_sd-32bit-0.8-43.1.ppc64le",
"product": {
"name": "libdns_sd-32bit-0.8-43.1.ppc64le",
"product_id": "libdns_sd-32bit-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libhowl0-0.8-43.1.ppc64le",
"product": {
"name": "libhowl0-0.8-43.1.ppc64le",
"product_id": "libhowl0-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-avahi-0.8-43.1.ppc64le",
"product": {
"name": "python311-avahi-0.8-43.1.ppc64le",
"product_id": "python311-avahi-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python313-avahi-0.8-43.1.ppc64le",
"product": {
"name": "python313-avahi-0.8-43.1.ppc64le",
"product_id": "python313-avahi-0.8-43.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python314-avahi-0.8-43.1.ppc64le",
"product": {
"name": "python314-avahi-0.8-43.1.ppc64le",
"product_id": "python314-avahi-0.8-43.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-0.8-43.1.s390x",
"product": {
"name": "avahi-0.8-43.1.s390x",
"product_id": "avahi-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "avahi-autoipd-0.8-43.1.s390x",
"product": {
"name": "avahi-autoipd-0.8-43.1.s390x",
"product_id": "avahi-autoipd-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "avahi-compat-howl-devel-0.8-43.1.s390x",
"product": {
"name": "avahi-compat-howl-devel-0.8-43.1.s390x",
"product_id": "avahi-compat-howl-devel-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.s390x",
"product": {
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.s390x",
"product_id": "avahi-compat-mDNSResponder-devel-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "avahi-lang-0.8-43.1.s390x",
"product": {
"name": "avahi-lang-0.8-43.1.s390x",
"product_id": "avahi-lang-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "avahi-utils-0.8-43.1.s390x",
"product": {
"name": "avahi-utils-0.8-43.1.s390x",
"product_id": "avahi-utils-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-client3-0.8-43.1.s390x",
"product": {
"name": "libavahi-client3-0.8-43.1.s390x",
"product_id": "libavahi-client3-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-client3-32bit-0.8-43.1.s390x",
"product": {
"name": "libavahi-client3-32bit-0.8-43.1.s390x",
"product_id": "libavahi-client3-32bit-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-common3-0.8-43.1.s390x",
"product": {
"name": "libavahi-common3-0.8-43.1.s390x",
"product_id": "libavahi-common3-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-common3-32bit-0.8-43.1.s390x",
"product": {
"name": "libavahi-common3-32bit-0.8-43.1.s390x",
"product_id": "libavahi-common3-32bit-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-core7-0.8-43.1.s390x",
"product": {
"name": "libavahi-core7-0.8-43.1.s390x",
"product_id": "libavahi-core7-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-devel-0.8-43.1.s390x",
"product": {
"name": "libavahi-devel-0.8-43.1.s390x",
"product_id": "libavahi-devel-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libavahi-libevent1-0.8-43.1.s390x",
"product": {
"name": "libavahi-libevent1-0.8-43.1.s390x",
"product_id": "libavahi-libevent1-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libdns_sd-0.8-43.1.s390x",
"product": {
"name": "libdns_sd-0.8-43.1.s390x",
"product_id": "libdns_sd-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libdns_sd-32bit-0.8-43.1.s390x",
"product": {
"name": "libdns_sd-32bit-0.8-43.1.s390x",
"product_id": "libdns_sd-32bit-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "libhowl0-0.8-43.1.s390x",
"product": {
"name": "libhowl0-0.8-43.1.s390x",
"product_id": "libhowl0-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-avahi-0.8-43.1.s390x",
"product": {
"name": "python311-avahi-0.8-43.1.s390x",
"product_id": "python311-avahi-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "python313-avahi-0.8-43.1.s390x",
"product": {
"name": "python313-avahi-0.8-43.1.s390x",
"product_id": "python313-avahi-0.8-43.1.s390x"
}
},
{
"category": "product_version",
"name": "python314-avahi-0.8-43.1.s390x",
"product": {
"name": "python314-avahi-0.8-43.1.s390x",
"product_id": "python314-avahi-0.8-43.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-0.8-43.1.x86_64",
"product": {
"name": "avahi-0.8-43.1.x86_64",
"product_id": "avahi-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "avahi-autoipd-0.8-43.1.x86_64",
"product": {
"name": "avahi-autoipd-0.8-43.1.x86_64",
"product_id": "avahi-autoipd-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "avahi-compat-howl-devel-0.8-43.1.x86_64",
"product": {
"name": "avahi-compat-howl-devel-0.8-43.1.x86_64",
"product_id": "avahi-compat-howl-devel-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64",
"product": {
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64",
"product_id": "avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "avahi-lang-0.8-43.1.x86_64",
"product": {
"name": "avahi-lang-0.8-43.1.x86_64",
"product_id": "avahi-lang-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "avahi-utils-0.8-43.1.x86_64",
"product": {
"name": "avahi-utils-0.8-43.1.x86_64",
"product_id": "avahi-utils-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-client3-0.8-43.1.x86_64",
"product": {
"name": "libavahi-client3-0.8-43.1.x86_64",
"product_id": "libavahi-client3-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-client3-32bit-0.8-43.1.x86_64",
"product": {
"name": "libavahi-client3-32bit-0.8-43.1.x86_64",
"product_id": "libavahi-client3-32bit-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-common3-0.8-43.1.x86_64",
"product": {
"name": "libavahi-common3-0.8-43.1.x86_64",
"product_id": "libavahi-common3-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-common3-32bit-0.8-43.1.x86_64",
"product": {
"name": "libavahi-common3-32bit-0.8-43.1.x86_64",
"product_id": "libavahi-common3-32bit-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-core7-0.8-43.1.x86_64",
"product": {
"name": "libavahi-core7-0.8-43.1.x86_64",
"product_id": "libavahi-core7-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-devel-0.8-43.1.x86_64",
"product": {
"name": "libavahi-devel-0.8-43.1.x86_64",
"product_id": "libavahi-devel-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavahi-libevent1-0.8-43.1.x86_64",
"product": {
"name": "libavahi-libevent1-0.8-43.1.x86_64",
"product_id": "libavahi-libevent1-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns_sd-0.8-43.1.x86_64",
"product": {
"name": "libdns_sd-0.8-43.1.x86_64",
"product_id": "libdns_sd-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns_sd-32bit-0.8-43.1.x86_64",
"product": {
"name": "libdns_sd-32bit-0.8-43.1.x86_64",
"product_id": "libdns_sd-32bit-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "libhowl0-0.8-43.1.x86_64",
"product": {
"name": "libhowl0-0.8-43.1.x86_64",
"product_id": "libhowl0-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-avahi-0.8-43.1.x86_64",
"product": {
"name": "python311-avahi-0.8-43.1.x86_64",
"product_id": "python311-avahi-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "python313-avahi-0.8-43.1.x86_64",
"product": {
"name": "python313-avahi-0.8-43.1.x86_64",
"product_id": "python313-avahi-0.8-43.1.x86_64"
}
},
{
"category": "product_version",
"name": "python314-avahi-0.8-43.1.x86_64",
"product": {
"name": "python314-avahi-0.8-43.1.x86_64",
"product_id": "python314-avahi-0.8-43.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-0.8-43.1.aarch64"
},
"product_reference": "avahi-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-0.8-43.1.ppc64le"
},
"product_reference": "avahi-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-0.8-43.1.s390x"
},
"product_reference": "avahi-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-0.8-43.1.x86_64"
},
"product_reference": "avahi-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-autoipd-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.aarch64"
},
"product_reference": "avahi-autoipd-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-autoipd-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.ppc64le"
},
"product_reference": "avahi-autoipd-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-autoipd-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.s390x"
},
"product_reference": "avahi-autoipd-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-autoipd-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.x86_64"
},
"product_reference": "avahi-autoipd-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-compat-howl-devel-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.aarch64"
},
"product_reference": "avahi-compat-howl-devel-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-compat-howl-devel-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.ppc64le"
},
"product_reference": "avahi-compat-howl-devel-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-compat-howl-devel-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.s390x"
},
"product_reference": "avahi-compat-howl-devel-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-compat-howl-devel-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.x86_64"
},
"product_reference": "avahi-compat-howl-devel-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64"
},
"product_reference": "avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le"
},
"product_reference": "avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.s390x"
},
"product_reference": "avahi-compat-mDNSResponder-devel-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64"
},
"product_reference": "avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-lang-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-lang-0.8-43.1.aarch64"
},
"product_reference": "avahi-lang-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-lang-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-lang-0.8-43.1.ppc64le"
},
"product_reference": "avahi-lang-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-lang-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-lang-0.8-43.1.s390x"
},
"product_reference": "avahi-lang-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-lang-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-lang-0.8-43.1.x86_64"
},
"product_reference": "avahi-lang-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-utils-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-utils-0.8-43.1.aarch64"
},
"product_reference": "avahi-utils-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-utils-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-utils-0.8-43.1.ppc64le"
},
"product_reference": "avahi-utils-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-utils-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-utils-0.8-43.1.s390x"
},
"product_reference": "avahi-utils-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-utils-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:avahi-utils-0.8-43.1.x86_64"
},
"product_reference": "avahi-utils-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-client3-0.8-43.1.aarch64"
},
"product_reference": "libavahi-client3-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-client3-0.8-43.1.ppc64le"
},
"product_reference": "libavahi-client3-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-client3-0.8-43.1.s390x"
},
"product_reference": "libavahi-client3-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-client3-0.8-43.1.x86_64"
},
"product_reference": "libavahi-client3-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-32bit-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.aarch64"
},
"product_reference": "libavahi-client3-32bit-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-32bit-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.ppc64le"
},
"product_reference": "libavahi-client3-32bit-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-32bit-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.s390x"
},
"product_reference": "libavahi-client3-32bit-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-client3-32bit-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.x86_64"
},
"product_reference": "libavahi-client3-32bit-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-common3-0.8-43.1.aarch64"
},
"product_reference": "libavahi-common3-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-common3-0.8-43.1.ppc64le"
},
"product_reference": "libavahi-common3-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-common3-0.8-43.1.s390x"
},
"product_reference": "libavahi-common3-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-common3-0.8-43.1.x86_64"
},
"product_reference": "libavahi-common3-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-32bit-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.aarch64"
},
"product_reference": "libavahi-common3-32bit-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-32bit-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.ppc64le"
},
"product_reference": "libavahi-common3-32bit-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-32bit-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.s390x"
},
"product_reference": "libavahi-common3-32bit-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-common3-32bit-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.x86_64"
},
"product_reference": "libavahi-common3-32bit-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-core7-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-core7-0.8-43.1.aarch64"
},
"product_reference": "libavahi-core7-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-core7-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-core7-0.8-43.1.ppc64le"
},
"product_reference": "libavahi-core7-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-core7-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-core7-0.8-43.1.s390x"
},
"product_reference": "libavahi-core7-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-core7-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-core7-0.8-43.1.x86_64"
},
"product_reference": "libavahi-core7-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-devel-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-devel-0.8-43.1.aarch64"
},
"product_reference": "libavahi-devel-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-devel-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-devel-0.8-43.1.ppc64le"
},
"product_reference": "libavahi-devel-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-devel-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-devel-0.8-43.1.s390x"
},
"product_reference": "libavahi-devel-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-devel-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-devel-0.8-43.1.x86_64"
},
"product_reference": "libavahi-devel-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-libevent1-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.aarch64"
},
"product_reference": "libavahi-libevent1-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-libevent1-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.ppc64le"
},
"product_reference": "libavahi-libevent1-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-libevent1-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.s390x"
},
"product_reference": "libavahi-libevent1-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavahi-libevent1-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.x86_64"
},
"product_reference": "libavahi-libevent1-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns_sd-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libdns_sd-0.8-43.1.aarch64"
},
"product_reference": "libdns_sd-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns_sd-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libdns_sd-0.8-43.1.ppc64le"
},
"product_reference": "libdns_sd-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns_sd-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libdns_sd-0.8-43.1.s390x"
},
"product_reference": "libdns_sd-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns_sd-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libdns_sd-0.8-43.1.x86_64"
},
"product_reference": "libdns_sd-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns_sd-32bit-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.aarch64"
},
"product_reference": "libdns_sd-32bit-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns_sd-32bit-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.ppc64le"
},
"product_reference": "libdns_sd-32bit-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns_sd-32bit-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.s390x"
},
"product_reference": "libdns_sd-32bit-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns_sd-32bit-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.x86_64"
},
"product_reference": "libdns_sd-32bit-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libhowl0-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libhowl0-0.8-43.1.aarch64"
},
"product_reference": "libhowl0-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libhowl0-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libhowl0-0.8-43.1.ppc64le"
},
"product_reference": "libhowl0-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libhowl0-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libhowl0-0.8-43.1.s390x"
},
"product_reference": "libhowl0-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libhowl0-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libhowl0-0.8-43.1.x86_64"
},
"product_reference": "libhowl0-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-avahi-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-avahi-0.8-43.1.aarch64"
},
"product_reference": "python311-avahi-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-avahi-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-avahi-0.8-43.1.ppc64le"
},
"product_reference": "python311-avahi-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-avahi-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-avahi-0.8-43.1.s390x"
},
"product_reference": "python311-avahi-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-avahi-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-avahi-0.8-43.1.x86_64"
},
"product_reference": "python311-avahi-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-avahi-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-avahi-0.8-43.1.aarch64"
},
"product_reference": "python313-avahi-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-avahi-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-avahi-0.8-43.1.ppc64le"
},
"product_reference": "python313-avahi-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-avahi-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-avahi-0.8-43.1.s390x"
},
"product_reference": "python313-avahi-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-avahi-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python313-avahi-0.8-43.1.x86_64"
},
"product_reference": "python313-avahi-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python314-avahi-0.8-43.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python314-avahi-0.8-43.1.aarch64"
},
"product_reference": "python314-avahi-0.8-43.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python314-avahi-0.8-43.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python314-avahi-0.8-43.1.ppc64le"
},
"product_reference": "python314-avahi-0.8-43.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python314-avahi-0.8-43.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python314-avahi-0.8-43.1.s390x"
},
"product_reference": "python314-avahi-0.8-43.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python314-avahi-0.8-43.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python314-avahi-0.8-43.1.x86_64"
},
"product_reference": "python314-avahi-0.8-43.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34933"
}
],
"notes": [
{
"category": "general",
"text": "Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.s390x",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.s390x",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34933",
"url": "https://www.suse.com/security/cve/CVE-2026-34933"
},
{
"category": "external",
"summary": "SUSE Bug 1261546 for CVE-2026-34933",
"url": "https://bugzilla.suse.com/1261546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.s390x",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.s390x",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-autoipd-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-compat-howl-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-compat-mDNSResponder-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-lang-0.8-43.1.x86_64",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.aarch64",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.s390x",
"openSUSE Tumbleweed:avahi-utils-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-client3-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-client3-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-common3-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-common3-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-core7-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-devel-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.s390x",
"openSUSE Tumbleweed:libavahi-libevent1-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.s390x",
"openSUSE Tumbleweed:libdns_sd-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.s390x",
"openSUSE Tumbleweed:libdns_sd-32bit-0.8-43.1.x86_64",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.aarch64",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.s390x",
"openSUSE Tumbleweed:libhowl0-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python311-avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python313-avahi-0.8-43.1.x86_64",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.aarch64",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.ppc64le",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.s390x",
"openSUSE Tumbleweed:python314-avahi-0.8-43.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-34933"
}
]
}
CERTFR-2026-AVI-0435
Vulnerability from certfr_avis - Published: 2026-04-14 - Updated: 2026-04-14
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | cbl2 avahi 0.8-5 versions antérieures à 0.8-6 | ||
| Microsoft | N/A | azl3 libcap 2.69-13 versions antérieures à 2.69-14 | ||
| Microsoft | N/A | azl3 avahi 0.8-7 versions antérieures à 0.8-8 | ||
| Microsoft | N/A | azl3 util-linux 2.40.2-3 versions antérieures à 2.40.2-4 | ||
| Microsoft | N/A | cbl2 libcap 2.60-7 versions antérieures à 2.60-8 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "cbl2 avahi 0.8-5 versions ant\u00e9rieures \u00e0 0.8-6",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 libcap 2.69-13 versions ant\u00e9rieures \u00e0 2.69-14",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 avahi 0.8-7 versions ant\u00e9rieures \u00e0 0.8-8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 util-linux 2.40.2-3 versions ant\u00e9rieures \u00e0 2.40.2-4",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "cbl2 libcap 2.60-7 versions ant\u00e9rieures \u00e0 2.60-8",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4878"
},
{
"name": "CVE-2026-27456",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27456"
},
{
"name": "CVE-2026-34933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34933"
},
{
"name": "CVE-2026-3184",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3184"
}
],
"initial_release_date": "2026-04-14T00:00:00",
"last_revision_date": "2026-04-14T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0435",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2026-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-34933",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34933"
},
{
"published_at": "2026-04-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4878",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4878"
},
{
"published_at": "2026-04-05",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27456",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27456"
},
{
"published_at": "2026-04-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-3184",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3184"
}
]
}
FKIE_CVE-2026-34933
Vulnerability from fkie_nvd - Published: 2026-04-03 23:17 - Updated: 2026-04-13 17:26
Severity ?
Summary
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c | Patch | |
| security-advisories@github.com | https://github.com/avahi/avahi/pull/891 | Issue Tracking, Patch | |
| security-advisories@github.com | https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2026/04/11/9 | Exploit, Mailing List, Third Party Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc | Exploit, Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avahi:avahi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6481267F-934F-4A0C-9B25-59738E798458",
"versionEndExcluding": "0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avahi:avahi:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "76971590-AEED-4CB1-B7B7-45EA8FD11524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avahi:avahi:0.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "83D94AE4-46AC-4955-BB0D-193CF79149A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avahi:avahi:0.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "42B0E12E-E0CC-47B5-B7D3-9FF12156B68E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4."
}
],
"id": "CVE-2026-34933",
"lastModified": "2026-04-13T17:26:03.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2026-04-03T23:17:05.377",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/avahi/avahi/pull/891"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2026/04/11/9"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
RHSA-2026:11316
Vulnerability from csaf_redhat - Published: 2026-04-28 04:05 - Updated: 2026-04-28 04:07Summary
Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
Severity
Moderate
Notes
Topic: An update for Red Hat Hardened Images RPMs is now available.
Details: This update includes the following RPMs:
avahi:
* avahi-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-autoipd-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-compat-howl-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-compat-howl-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-compat-libdns_sd-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-compat-libdns_sd-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-dnsconfd-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-glib-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-glib-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-gobject-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-gobject-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-libs-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt3-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt3-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt4-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt4-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt5-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-qt5-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-sharp-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-tools-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-gtk3-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-sharp-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-sharp-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-ui-tools-0.9~rc4-0.1.hum1 (aarch64, x86_64)
* avahi-0.9~rc4-0.1.hum1.src (src)
Security Fix(es):
avahi:
* CVE-2025-68276
* CVE-2025-68468
* CVE-2025-68471
* CVE-2026-24401
* CVE-2026-34933
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Avahi, a system that facilitates service discovery on a local network. An unprivileged local user can exploit this vulnerability by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can lead to a Denial of Service (DoS) by crashing the avahi-daemon, making the service unavailable.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
A flaw was found in Avahi. A remote attacker can cause a Denial of Service (DoS) by sending specially crafted unsolicited announcements containing CNAME resource records. These records, when pointing to other resource records with short Time-To-Live (TTL) values, can lead to the `avahi-daemon` crashing once they expire. This vulnerability impacts the availability of services relying on Avahi's service discovery.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
A flaw was found in Avahi, a system that enables devices to discover services on a local network using the mDNS/DNS-SD (Multicast Domain Name System/DNS-based Service Discovery) protocols. A remote attacker can exploit this by sending two specific network messages, known as unsolicited announcements with CNAME resource records, within a two-second timeframe. This action can cause the `avahi-daemon` process to crash, leading to a Denial of Service (DoS) for the affected system.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
A flaw was found in Avahi, a system that enables devices to discover services on a local network. A remote attacker can exploit this vulnerability by sending a specially crafted mDNS (multicast Domain Name System) response containing a recursive CNAME (Canonical Name) record. This triggers an uncontrolled recursion within the avahi-daemon process, leading to stack exhaustion and causing the service to crash. This results in a denial of service (DoS) for affected systems.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
Workaround
To mitigate this issue, disable the avahi-daemon service if mDNS/DNS-SD functionality is not required on the system.
```bash
sudo systemctl disable --now avahi-daemon.service
sudo systemctl mask avahi-daemon.service
```
Disabling this service may impact applications relying on mDNS for local network service discovery. A system reboot or service reload may be required for the changes to take full effect.
A flaw was found in Avahi. An unprivileged local user can exploit this vulnerability by sending a D-Bus method call with conflicting publish flags. This can lead to a denial of service (DoS) by crashing the avahi-daemon, making the service unavailable.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://images.redhat.com/
https://access.redhat.com/errata/RHSA-2026:11316
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\navahi:\n * avahi-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-autoipd-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-compat-howl-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-compat-howl-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-compat-libdns_sd-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-compat-libdns_sd-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-dnsconfd-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-glib-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-glib-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-gobject-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-gobject-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-libs-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt3-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt3-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt4-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt4-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt5-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-qt5-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-sharp-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-tools-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-gtk3-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-sharp-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-sharp-devel-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-ui-tools-0.9~rc4-0.1.hum1 (aarch64, x86_64)\n * avahi-0.9~rc4-0.1.hum1.src (src)\n\nSecurity Fix(es):\n\navahi:\n * CVE-2025-68276\n * CVE-2025-68468\n * CVE-2025-68471\n * CVE-2026-24401\n * CVE-2026-34933",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11316",
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68276",
"url": "https://access.redhat.com/security/cve/CVE-2025-68276"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68468",
"url": "https://access.redhat.com/security/cve/CVE-2025-68468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68471",
"url": "https://access.redhat.com/security/cve/CVE-2025-68471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24401",
"url": "https://access.redhat.com/security/cve/CVE-2026-24401"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34933",
"url": "https://access.redhat.com/security/cve/CVE-2026-34933"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11316.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update",
"tracking": {
"current_release_date": "2026-04-28T04:07:18+00:00",
"generator": {
"date": "2026-04-28T04:07:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:11316",
"initial_release_date": "2026-04-28T04:05:00+00:00",
"revision_history": [
{
"date": "2026-04-28T04:05:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-28T04:06:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-28T04:07:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-main@aarch64",
"product": {
"name": "avahi-main@aarch64",
"product_id": "avahi-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/avahi@0.9~rc4-0.1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-main@src",
"product": {
"name": "avahi-main@src",
"product_id": "avahi-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/avahi@0.9~rc4-0.1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "avahi-main@x86_64",
"product": {
"name": "avahi-main@x86_64",
"product_id": "avahi-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/avahi@0.9~rc4-0.1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:avahi-main@aarch64"
},
"product_reference": "avahi-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:avahi-main@src"
},
"product_reference": "avahi-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "avahi-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:avahi-main@x86_64"
},
"product_reference": "avahi-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68276",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-01-12T18:01:32.877107+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428713"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi, a system that facilitates service discovery on a local network. An unprivileged local user can exploit this vulnerability by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can lead to a Denial of Service (DoS) by crashing the avahi-daemon, making the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68276"
},
{
"category": "external",
"summary": "RHBZ#2428713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428713"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68276",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68276"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68276",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68276"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/ede7048475c5d47d53890e3bc1350dda8e0b3688",
"url": "https://github.com/avahi/avahi/commit/ede7048475c5d47d53890e3bc1350dda8e0b3688"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/pull/806",
"url": "https://github.com/avahi/avahi/pull/806"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-mhf3-865v-g5rc"
}
],
"release_date": "2026-01-12T17:31:49.652000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag"
},
{
"cve": "CVE-2025-68468",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-01-12T18:01:40.703037+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi. A remote attacker can cause a Denial of Service (DoS) by sending specially crafted unsolicited announcements containing CNAME resource records. These records, when pointing to other resource records with short Time-To-Live (TTL) values, can lead to the `avahi-daemon` crashing once they expire. This vulnerability impacts the availability of services relying on Avahi\u0027s service discovery.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68468"
},
{
"category": "external",
"summary": "RHBZ#2428714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68468"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a",
"url": "https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/issues/683",
"url": "https://github.com/avahi/avahi/issues/683"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52"
}
],
"release_date": "2026-01-12T17:38:10.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements"
},
{
"cve": "CVE-2025-68471",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-01-12T18:02:06.037426+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428717"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi, a system that enables devices to discover services on a local network using the mDNS/DNS-SD (Multicast Domain Name System/DNS-based Service Discovery) protocols. A remote attacker can exploit this by sending two specific network messages, known as unsolicited announcements with CNAME resource records, within a two-second timeframe. This action can cause the `avahi-daemon` process to crash, leading to a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: Avahi: Denial of Service via unsolicited CNAME announcements",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68471"
},
{
"category": "external",
"summary": "RHBZ#2428717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428717"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68471"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1",
"url": "https://github.com/avahi/avahi/commit/9c6eb53bf2e290aed84b1f207e3ce35c54cc0aa1"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/issues/678",
"url": "https://github.com/avahi/avahi/issues/678"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmg",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmg"
}
],
"release_date": "2026-01-12T17:39:57.416000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: Avahi: Denial of Service via unsolicited CNAME announcements"
},
{
"cve": "CVE-2026-24401",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2026-01-24T02:01:37.641693+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2432534"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi, a system that enables devices to discover services on a local network. A remote attacker can exploit this vulnerability by sending a specially crafted mDNS (multicast Domain Name System) response containing a recursive CNAME (Canonical Name) record. This triggers an uncontrolled recursion within the avahi-daemon process, leading to stack exhaustion and causing the service to crash. This results in a denial of service (DoS) for affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact flaw in Avahi\u0027s `avahi-daemon` can lead to a denial of service. An attacker on the local network could send a specially crafted, unsolicited mDNS response containing a recursive CNAME record, causing unbounded recursion and a crash. This affects systems where Avahi\u0027s record browsers explicitly use multicast, such as those utilizing `nss-mdns`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24401"
},
{
"category": "external",
"summary": "RHBZ#2432534",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432534"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24401"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524",
"url": "https://github.com/avahi/avahi/commit/78eab31128479f06e30beb8c1cbf99dd921e2524"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/issues/501",
"url": "https://github.com/avahi/avahi/issues/501"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-h4vp-5m8j-f6w3"
}
],
"release_date": "2026-01-24T01:25:02.294000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the avahi-daemon service if mDNS/DNS-SD functionality is not required on the system.\n\n```bash\nsudo systemctl disable --now avahi-daemon.service\nsudo systemctl mask avahi-daemon.service\n```\n\nDisabling this service may impact applications relying on mDNS for local network service discovery. A system reboot or service reload may be required for the changes to take full effect.",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response"
},
{
"cve": "CVE-2026-34933",
"cwe": {
"id": "CWE-1288",
"name": "Improper Validation of Consistency within Input"
},
"discovery_date": "2026-04-03T23:01:28.844635+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2454978"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Avahi. An unprivileged local user can exploit this vulnerability by sending a D-Bus method call with conflicting publish flags. This can lead to a denial of service (DoS) by crashing the avahi-daemon, making the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "avahi: avahi-daemon: Avahi: Denial of Service via D-Bus method call",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34933"
},
{
"category": "external",
"summary": "RHBZ#2454978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454978"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34933"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34933",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34933"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c",
"url": "https://github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50c"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/pull/891",
"url": "https://github.com/avahi/avahi/pull/891"
},
{
"category": "external",
"summary": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc",
"url": "https://github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvc"
}
],
"release_date": "2026-04-03T22:43:26.683000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-28T04:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:avahi-main@aarch64",
"Red Hat Hardened Images:avahi-main@src",
"Red Hat Hardened Images:avahi-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "avahi: avahi-daemon: Avahi: Denial of Service via D-Bus method call"
}
]
}
MSRC_CVE-2026-34933
Vulnerability from csaf_microsoft - Published: 2026-04-02 00:00 - Updated: 2026-04-14 14:44Summary
Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
5.5 (Medium)
Vendor Fix
0.8-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
Vendor Fix
0.8-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
References
| URL | Category | |
|---|---|---|
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34933 Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-34933.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon",
"tracking": {
"current_release_date": "2026-04-14T14:44:57.000Z",
"generator": {
"date": "2026-04-15T07:32:45.864Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-34933",
"initial_release_date": "2026-04-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-04-09T01:01:25.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-04-13T14:38:48.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-04-14T14:44:57.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 avahi 0.8-5",
"product": {
"name": "\u003ccbl2 avahi 0.8-5",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 avahi 0.8-5",
"product": {
"name": "cbl2 avahi 0.8-5",
"product_id": "20861"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 avahi 0.8-7",
"product": {
"name": "\u003cazl3 avahi 0.8-7",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 avahi 0.8-7",
"product": {
"name": "azl3 avahi 0.8-7",
"product_id": "20862"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 avahi 0.8-8",
"product": {
"name": "\u003cazl3 avahi 0.8-8",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 avahi 0.8-8",
"product": {
"name": "azl3 avahi 0.8-8",
"product_id": "21205"
}
}
],
"category": "product_name",
"name": "avahi"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 avahi 0.8-5 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 avahi 0.8-5 as a component of CBL Mariner 2.0",
"product_id": "20861-17086"
},
"product_reference": "20861",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 avahi 0.8-7 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 avahi 0.8-7 as a component of Azure Linux 3.0",
"product_id": "20862-17084"
},
"product_reference": "20862",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 avahi 0.8-8 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 avahi 0.8-8 as a component of Azure Linux 3.0",
"product_id": "21205-17084"
},
"product_reference": "21205",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34933",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20861-17086",
"20862-17084",
"21205-17084"
],
"known_affected": [
"17086-3",
"17084-2",
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-34933 Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-34933.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-09T01:01:25.000Z",
"details": "0.8-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2026-04-09T01:01:25.000Z",
"details": "0.8-8:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-2",
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17086-3",
"17084-2",
"17084-1"
]
}
],
"title": "Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…