CVE-2026-4437

Published: Mar 20, 2026

Modified: Mar 23, 2026

PUBLISHED

Description

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.

Vendor	Product	Versions
The GNU C Library	glibc	affected `2.34 - <= 2.43`

Weaknesses (CWE)

CWE-125

References

https://sourceware.org/bugzilla/show_bug.cgi?id=34014

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-4437

Description

Affected Products

Weaknesses (CWE)

References