Skip to content

CVE-2024-52615 on CTRL-OS 24.05

Packages: avahi

Status: In Progress

CVE Information

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.

Updates

2026-04-07 23:49 CEST

Metadata changes:

  • Status for package avahi: “In Progress

Comment:

Will be mitigated by default configuration, as the fix introduces CVE-2025-59529.

2026-04-07 23:21 CEST

Metadata changes:

  • Status for package avahi: “Plausible

2026-04-07 23:16 CEST

Metadata changes:

  • Status for package avahi: “Acknowledged

(Amended on: 2026-04-07 23:31 CEST)