CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response
containing a recursive CNAME record (bsc#1257235).
Affected Packages(30 packages)
avahi
SUSE Linux Enterprise Module for Basesystem 15 SP7SUSE Linux Enterprise Module for Desktop Applications 15 SP7SUSE Linux Enterprise Module for Package Hub 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
avahi-compat-howl-devel
SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
avahi-compat-mDNSResponder-devel
SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
avahi-glib2
SUSE Linux Enterprise Module for Basesystem 15 SP7SUSE Linux Enterprise Module for Desktop Applications 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
avahi-lang
SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
avahi-utils
SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
libavahi-client3
SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
libavahi-client3-32bit
SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
libavahi-common3
SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6
Fixed in:
0.8-150600.15.15.1
libavahi-common3-32bit
SUSE Linux Enterprise Module for Basesystem 15 SP7openSUSE Leap 15.6