diff mbox series

[scarthgap] avahi: fixes CVE-2025-68468

Message ID 20260123103715.32186-1-amaury.couderc@est.tech
State Under Review
Delegated to: Yoann Congal
Headers show
Series [scarthgap] avahi: fixes CVE-2025-68468 | expand

Commit Message

Amaury Couderc Jan. 23, 2026, 10:36 a.m. UTC 
From: Amaury Couderc <amaury.couderc@est.tech>

avahi: fix DoS bug by removing incorrect assertion

Signed-off-by: Amaury Couderc <amaury.couderc@est.tech>
---
 meta/recipes-connectivity/avahi/avahi_0.8.bb  |  2 +-
 .../avahi/files/CVE-2025-68468.patch          | 32 +++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch

Comments

Yoann Congal Feb. 4, 2026, 10:53 a.m. UTC | #1 
On Fri Jan 23, 2026 at 11:36 AM CET, Amaury Couderc via lists.openembedded.org wrote:
> From: Amaury Couderc <amaury.couderc@est.tech>
>
> avahi: fix DoS bug by removing incorrect assertion
>
> Signed-off-by: Amaury Couderc <amaury.couderc@est.tech>
> ---
>  meta/recipes-connectivity/avahi/avahi_0.8.bb  |  2 +-
>  .../avahi/files/CVE-2025-68468.patch          | 32 +++++++++++++++++++
>  2 files changed, 33 insertions(+), 1 deletion(-)
>  create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch

Hello,

If I'm not mistaken, this patch does not have a master equivalent.
Please fix CVE-2025-68468 on master and whinlatter (by upgrade or patch)
and, then, request a backport scarthgap.

Regards,

>
> diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb
> index ffda85c0e7..8f8f4a0d88 100644
> --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb
> +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb
> @@ -37,6 +37,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
>             file://CVE-2023-38473.patch \
>             file://CVE-2024-52616.patch \
>             file://CVE-2024-52615.patch \
> +           file://CVE-2025-68468.patch \
>             "
>  
>  GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"
> diff --git a/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch b/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch
> new file mode 100644
> index 0000000000..3635cc8d53
> --- /dev/null
> +++ b/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch
> @@ -0,0 +1,32 @@
> +From 483f83828cfda965fac914ff1b39c63c256372b2 Mon Sep 17 00:00:00 2001
> +From: Hugo Muis <198191869+friendlyhugo@users.noreply.github.com>
> +Date: Sun, 2 Mar 2025 18:06:24 +0100
> +Subject: [PATCH] core: fix DoS bug by removing incorrect assertion
> +
> +Closes https://github.com/avahi/avahi/issues/683
> +
> +CVE: CVE-2025-68468
> +
> +Upstream-Status: Backport
> +[https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a]
> +
> +Signed-off-by: Amaury Couderc <amaury.couderc@est.tech>
> +---
> + avahi-core/browse.c | 1 -
> + 1 file changed, 1 deletion(-)
> +
> +diff --git a/avahi-core/browse.c b/avahi-core/browse.c
> +index 86e4432..79595fe 100644
> +--- a/avahi-core/browse.c
> ++++ b/avahi-core/browse.c
> +@@ -295,7 +295,6 @@ static void lookup_multicast_callback(
> +                 lookup_drop_cname(l, interface, protocol, 0, r);
> +             else {
> +                 /* It's a normal record, so let's call the user callback */
> +-                assert(avahi_key_equal(b->key, l->key));
> + 
> +                 b->callback(b, interface, protocol, event, r, flags, b->userdata);
> +             }
> +-- 
> +2.43.0
> +
diff mbox series

Patch

diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb
index ffda85c0e7..8f8f4a0d88 100644
--- a/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -37,6 +37,7 @@  SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
            file://CVE-2023-38473.patch \
            file://CVE-2024-52616.patch \
            file://CVE-2024-52615.patch \
+           file://CVE-2025-68468.patch \
            "
 
 GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch b/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch
new file mode 100644
index 0000000000..3635cc8d53
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/CVE-2025-68468.patch
@@ -0,0 +1,32 @@ 
+From 483f83828cfda965fac914ff1b39c63c256372b2 Mon Sep 17 00:00:00 2001
+From: Hugo Muis <198191869+friendlyhugo@users.noreply.github.com>
+Date: Sun, 2 Mar 2025 18:06:24 +0100
+Subject: [PATCH] core: fix DoS bug by removing incorrect assertion
+
+Closes https://github.com/avahi/avahi/issues/683
+
+CVE: CVE-2025-68468
+
+Upstream-Status: Backport
+[https://github.com/avahi/avahi/commit/f66be13d7f31a3ef806d226bf8b67240179d309a]
+
+Signed-off-by: Amaury Couderc <amaury.couderc@est.tech>
+---
+ avahi-core/browse.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/avahi-core/browse.c b/avahi-core/browse.c
+index 86e4432..79595fe 100644
+--- a/avahi-core/browse.c
++++ b/avahi-core/browse.c
+@@ -295,7 +295,6 @@ static void lookup_multicast_callback(
+                 lookup_drop_cname(l, interface, protocol, 0, r);
+             else {
+                 /* It's a normal record, so let's call the user callback */
+-                assert(avahi_key_equal(b->key, l->key));
+ 
+                 b->callback(b, interface, protocol, event, r, flags, b->userdata);
+             }
+-- 
+2.43.0
+