CVE-2024-52615

Avahi: avahi wide-area dns uses constant source port

Description

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.

INFO

Published Date :

2024-11-21T20:34:00.981Z

Last Modified :

2026-03-19T17:21:42.571Z

Source :

redhat

AFFECTED PRODUCTS

The following products are affected by CVE-2024-52615 vulnerability.

Vendors	Products
Redhat	Enterprise Linux Openshift

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-52615.

URL	Resource
https://access.redhat.com/errata/RHSA-2025:11402
https://access.redhat.com/errata/RHSA-2025:16441
https://access.redhat.com/security/cve/CVE-2024-52615
https://bugzilla.redhat.com/show_bug.cgi?id=2326418
https://github.com/avahi/avahi/pull/577
https://nvd.nist.gov/vuln/detail/CVE-2024-52615
https://www.cve.org/CVERecord?id=CVE-2024-52615

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact