#1088110 avahi: CVE-2024-52615: Avahi Wide-Area DNS Uses Constant Source Port

Package:
src:avahi
Source:
src:avahi
Submitter:
Salvatore Bonaccorso
Date:
2026-02-01 15:11:18 UTC
Severity:
normal
Tags:
#1088110#5
Date:
2024-11-23 13:23:34 UTC
From:
To:
Hi,

The following vulnerability was published for avahi.

Filing for having a tracker reference.

CVE-2024-52615[0]:
| A flaw was found in Avahi-daemon, which relies on fixed source ports
| for wide-area DNS queries. This issue simplifies attacks where
| malicious DNS responses are injected.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-52615
https://www.cve.org/CVERecord?id=CVE-2024-52615
[1] https://github.com/avahi/avahi/security/advisories/GHSA-x6vp-f33h-h32g

Regards,
Salvatore
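
Added example, not part of the original report or of Avahi's code: a defender-side check over outbound DNS queries taken from a packet capture. It flags clients whose UDP source port never changes and computes how many bits a forged response has to match. The sample records, client labels and function names are constructed for this illustration.

```python
import math
from collections import defaultdict

# Constructed sample: (client label, UDP source port, DNS transaction ID)
# for outbound queries, as they might be extracted from a capture.
SAMPLE_QUERIES = [
    ("fixed-port-client", 40000, 0x1A2B),
    ("fixed-port-client", 40000, 0x9C01),
    ("fixed-port-client", 40000, 0x33F7),
    ("fixed-port-client", 40000, 0x7E10),
    ("random-port-client", 51514, 0x0B4D),
    ("random-port-client", 38211, 0xE7A0),
    ("random-port-client", 60977, 0x4412),
    ("random-port-client", 45102, 0xC3D9),
]


def audit_source_ports(queries, min_queries=4):
    """Group queries by client and flag clients that reuse one source port.

    A client is only flagged once at least `min_queries` queries were seen,
    so a single observation is not reported as a constant port.
    """
    ports = defaultdict(list)
    for client, sport, _txid in queries:
        ports[client].append(sport)

    report = {}
    for client, seen in ports.items():
        distinct = len(set(seen))
        report[client] = {
            "queries": len(seen),
            "distinct_ports": distinct,
            "constant_port": len(seen) >= min_queries and distinct == 1,
        }
    return report


def guess_space_bits(port_pool_size):
    """Bits a forged response must match: the 16-bit transaction ID plus
    log2 of the number of source ports the client picks from."""
    return 16 + math.log2(port_pool_size)


if __name__ == "__main__":
    for client, row in audit_source_ports(SAMPLE_QUERIES).items():
        print(client, row)
    print("constant port:", guess_space_bits(1), "bits")
    print("16384-port pool:", guess_space_bits(2 ** 14), "bits")
```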

#1088110#12
Date:
2025-07-03 03:44:27 UTC
From:
To:
#1088110#21
Date:
2026-02-01 14:17:49 UTC
From:
To:
This introduced a regression:
https://github.com/avahi/avahi/issues/810

So I'll postpone a cherry-pick for now.


Regards,
Michael

#1088110#26
Date:
2026-02-01 15:08:03 UTC
From:
To:
Hi Michael

Thanks for the heads-up, I have added a note on the security-tracker
entry.

Yes, makes sense, and it is not urgent anyway.

Regards,
Salvatore