CVE-2024-52616 — Small Space of Random Values in Avahi

CWE-334 — Small Space of Random Values5 documents5 sources

Severity

5.3MEDIUMNVD

EPSS

0.1%

top 75.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Avahi Debian Avahi Msrc Azl3 Avahi 0.8-5 ON Azure Linux 3.0 +1 more

Timeline

PublishedNov 21

Description

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

▶debiandebian/avahi< avahi 0.8-18 (forky)

▶Debianavahi/avahi< 0.8-18

▶msrcmsrc/azl3_avahi_0.8-5_on_azure_linux_3.0

▶msrcmsrc/cbl2_avahi_0.8-4_on_cbl_mariner_2.0

🔴Vulnerability Details

OSV

CVE-2024-52616: A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after tha↗2024-11-21

▶

📋Vendor Advisories

Red Hat

avahi: Avahi Wide-Area DNS Predictable Transaction IDs↗2024-11-15

▶

Microsoft

Avahi: avahi wide-area dns predictable transaction ids↗2024-11-12

▶

Debian

CVE-2024-52616: avahi - A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs r...↗2024

▶