Explore top 10 tips to secure your open-source projects now. Read More
×
This update for avahi fixes the following issue:
* CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by
sending an unsolicited mDNS response containing a recursive CNAME record
(bsc#1257235).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1441=1 openSUSE-SLE-15.6-2026-1441=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1441=1
* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1441=1
* SUSE Package Hub 15 15-SP7
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1441=1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libavahi-glib-devel-0.8-150600.15.15.1
* avahi-qt5-debugsource-0.8-150600.15.15.1
* libavahi-common3-debuginfo-0.8-150600.15.15.1
* libavahi-glib1-debuginfo-0.8-150600.15.15.1
* python3-avahi-gtk-0.8-150600.15.15.1
* avahi-0.8-150600.15.15.1
* libdns_sd-0.8-150600.15.15.1
* avahi-utils-debuginfo-0.8-150600.15.15.1
* libavahi-qt5-1-0.8-150600.15.15.1
* libavahi-libevent1-debuginfo-0.8-150600.15.15.1
* avahi-utils-gtk-0.8-150600.15.15.1
* avahi-debugsource-0.8-150600.15.15.1
* libavahi-gobject0-0.8-150600.15.15.1
* avahi-compat-howl-devel-0.8-150600.15.15.1
* libhowl0-0.8-150600.15.15.1
* avahi-autoipd-0.8-150600.15.15.1
* python3-avahi-0.8-150600.15.15.1
* libavahi-libevent1-0.8-150600.15.15.1
* libavahi-qt5-1-debuginfo-0.8-150600.15.15.1
* libavahi-qt5-devel-0.8-150600.15.15.1
* libavahi-ui-gtk3-0-0.8-150600.15.15.1
* libavahi-common3-0.8-150600.15.15.1
* typelib-1_0-Avahi-0_6-0.8-150600.15.15.1
* libavahi-client3-0.8-150600.15.15.1
*...
Read the Full Advisory* bsc#1257235
## References:
* https://www.suse.com/security/cve/CVE-2026-24401.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257235
Get the latest Linux and open source security news straight to your inbox.