Linuxsecurity
SUSE Avahi Vulnerabilities Addressed in Recent Updates
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
SUSE has released updates addressing two moderate vulnerabilities in the Avahi service, affecting multiple versions of SUSE Linux. The vulnerabilities, identified as CVE-2026-34933 and CVE-2026-24401, can cause the avahi-daemon to crash under specific conditions. CVE-2026-34933 involves a reachable assertion in the `transport_flags_from_domain`, while CVE-2026-24401 deals with unsolicited mDNS responses containing a recursive CNAME record. The updates are applicable to SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2, among others. Users are advised to apply the patches using SUSE's recommended installation methods. The vulnerabilities were published earlier this year, with CVE-2026-24401 on January 24 and CVE-2026-34933 on April 3. The current status is that patches are available and users are encouraged to update their systems promptly.
Key Points: • SUSE released patches for two moderate vulnerabilities in Avahi affecting multiple systems. • CVE-2026-34933 and CVE-2026-24401 can crash the avahi-daemon under specific conditions. • Users should apply the patches using recommended methods to mitigate the risks.