SB20260424143 - Ubuntu update for avahi

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Reachable assertion (CVE-ID: CVE-2025-68276)

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to reachable assertion in avahi_wide_area_scan_cache when creating a record browser with the AVAHI_LOOKUP_USE_WIDE_AREA flag while wide-area is disabled. A local user can create a crafted record browser request to cause a denial of service.

The issue causes avahi-daemon to terminate with SIGABRT.

2) Reachable assertion (CVE-ID: CVE-2025-68468)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to reachable assertion in lookup_multicast_callback when processing unsolicited multicast DNS announcements containing CNAME resource records that point to records with short TTLs. A remote attacker can send a specially crafted announcement to cause a denial of service.

User interaction is required because exploitation depends on a record browser browsing for the targeted service type.

3) Reachable assertion (CVE-ID: CVE-2025-68471)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to reachable assertion in lookup_start when processing unsolicited multicast DNS announcements with CNAME resource records. A remote attacker can send two specially crafted unsolicited announcements to cause a denial of service.

The issue affects record browsers where AVAHI_LOOKUP_USE_MULTICAST is set explicitly, and user interaction is required.

Remediation

Install update from vendor's website.

References

• https://ubuntu.com/security/notices/USN-7967-1