> A flaw was found in the Avahi-daemon, where it initializes DNS > transaction IDs randomly only once at startup, incrementing them > sequentially after that. This predictable behavior facilitates DNS > spoofing attacks, allowing attackers to guess transaction IDs. > > The sequential increment of DNS transaction IDs makes Avahi vulnerable > to DNS spoofing, allowing attackers to inject malicious DNS records. > This can compromise the integrity of DNS responses, redirecting users to > potentially harmful domains. This vulnerability poses a greater risk as > it directly undermines the integrity of DNS resolution, affecting all > systems using Avahi for wide-area DNS queries unless mitigations are > applied.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab9985e29a3ba1f5afe68eaeb78e0eb820473742 commit ab9985e29a3ba1f5afe68eaeb78e0eb820473742 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2025-01-08 22:21:25 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2025-01-08 23:14:37 +0000 net-dns/avahi: drop 0.9_rc1 Bug: https://bugs.gentoo.org/947638 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> net-dns/avahi/Manifest | 1 - net-dns/avahi/avahi-0.9_rc1.ebuild | 203 ------------------------------------- 2 files changed, 204 deletions(-)
