Packages
- avahi - IPv4LL network address configuration daemon
Details
It is discovered that Avahi incorrectly handled crafted input. A
remote attacker could possibly use this issue to crash the program,
resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2026-24401)
Guillaume Meunier discovered that Avahi incorrectly handled crafted
input. An attacker could possibly use this issue to crash the
program, resulting in a denial of service. (CVE-2026-34933)
It is discovered that Avahi incorrectly handled crafted input. A
remote attacker could possibly use this issue to crash the program,
resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2026-24401)
Guillaume Meunier discovered that Avahi incorrectly handled crafted
input. An attacker could possibly use this issue to crash the
program, resulting in a denial of service. (CVE-2026-34933)
Update instructions
The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 26.04 LTS resolute | avahi-daemon – 0.8-18ubuntu1.1 | ||
| 25.10 questing | avahi-daemon – 0.8-16ubuntu3.2 | ||
| 24.04 LTS noble | avahi-daemon – 0.8-13ubuntu6.2 | ||
| 22.04 LTS jammy | avahi-daemon – 0.8-5ubuntu5.5 | ||
| 20.04 LTS focal | avahi-daemon – 0.7-4ubuntu7.3+esm2 | ||
| 18.04 LTS bionic | avahi-daemon – 0.7-3.1ubuntu1.3+esm4 | ||
| 16.04 LTS xenial | avahi-daemon – 0.6.32~rc+dfsg-1ubuntu2.3+esm5 | ||
| 14.04 LTS trusty | avahi-daemon – 0.6.31-4ubuntu1.3+esm5 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.