Skip to content

CTRL-OS Security Tracker

CVE-2025-68468 on CTRL-OS 24.05

CVE-2025-68468 on CTRL-OS 24.05

Packages: avahi

Status: In Progress

CVE Information

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they expire avahi-daemon crashes.

Updates

2026-04-07 23:54 CEST

Metadata changes:

Status for package avahi: “In Progress”

2026-04-07 23:27 CEST

Metadata changes:

Status for package avahi: “Plausible”

2026-04-07 16:53 CEST

Metadata changes:

Status for package avahi: “Acknowledged”