Security update for avahi
This update for avahi fixes the following issue: - CVE-2026-34933: reachable assertion in `transport_flags_from_domain` can crash the `avahi-daemon` (bsc#1261546).
AI Analysis
Technical Summary
CVE-2026-34933 affects avahi versions before 0.9-rc4. It allows an unprivileged local user to cause a denial of service by crashing the avahi-daemon through a specially crafted D-Bus method call containing conflicting publish flags. This vulnerability is fixed in version 0.9-rc4. The issue was identified and patched by the SUSE Product Security Team as part of advisory SUSE-SU-2026:2297-1.
Potential Impact
An unprivileged local user can crash the avahi-daemon, resulting in a denial of service condition on the affected system. There is no indication of remote exploitation or privilege escalation. No known exploits are reported in the wild.
Mitigation Recommendations
Upgrade avahi to version 0.9-rc4 or later where this vulnerability is fixed. The SUSE advisory SUSE-SU-2026:2297-1 provides the official update. No additional mitigation is required once the update is applied.
Security update for avahi
Description
This update for avahi fixes the following issue: - CVE-2026-34933: reachable assertion in `transport_flags_from_domain` can crash the `avahi-daemon` (bsc#1261546).
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-34933 affects avahi versions before 0.9-rc4. It allows an unprivileged local user to cause a denial of service by crashing the avahi-daemon through a specially crafted D-Bus method call containing conflicting publish flags. This vulnerability is fixed in version 0.9-rc4. The issue was identified and patched by the SUSE Product Security Team as part of advisory SUSE-SU-2026:2297-1.
Potential Impact
An unprivileged local user can crash the avahi-daemon, resulting in a denial of service condition on the affected system. There is no indication of remote exploitation or privilege escalation. No known exploits are reported in the wild.
Mitigation Recommendations
Upgrade avahi to version 0.9-rc4 or later where this vulnerability is fixed. The SUSE advisory SUSE-SU-2026:2297-1 provides the official update. No additional mitigation is required once the update is applied.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- SUSE Product Security Team
- Advisory Id
- SUSE-SU-2026:2297-1
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a27e9a88dd33fbd8516f3f1
Added to database: 6/9/2026, 10:23:36 AM
Last enriched: 6/9/2026, 10:52:15 AM
Last updated: 6/10/2026, 5:08:14 AM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.