vulnerability
Ubuntu: USN-7967-1 (CVE-2025-68468): Avahi vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Jan 12, 2026 | Jan 20, 2026 | Jan 21, 2026 |
Description
It was discovered that Avahi incorrectly terminated when processing browser
records with wide-area disabled. An attacker could possibly use this issue
to cause Avahi to crash, resulting in a denial of service. (CVE-2025-68276)
It was discovered that Avahi incorrectly terminated when processing
unsolicited CNAME records pointing to resource records with short TTLs. An
attacker could possibly use this issue to cause Avahi to crash, resulting
in a denial of service. (CVE-2025-68468)
It was discovered that Avahi incorrectly terminated when processing
unsolicited CNAME records in quick succession. An attacker could possibly
use this issue to cause Avahi to crash, resulting in a denial of service.
(CVE-2025-68471)
Solution
References
- CVE-2025-68468
- https://attackerkb.com/topics/CVE-2025-68468
- CWE-617
- UBUNTU-USN-7967-1
- URL-https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a
- URL-https://github.com/avahi/avahi/issues/683
- URL-https://github.com/avahi/avahi/security/advisories/GHSA-cp79-r4x9-vf52
- URL-https://ubuntu.com/security/notices/USN-7967-1
- URL-https://www.cve.org/CVERecord?id=CVE-2025-68468
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.