CVE-2026-4437

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Calling gethostbyaddr or gethostbyaddr r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2026-4437

Affected Products

Glibc

CVE-2026-4437

Weakness Enumeration

Related Identifiers

Affected Products

References · 2