CVE-2026-4438

ADVISORY - nist

Summary

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-20⁠

Improper Input Validation

Impacted images

Advisories

NIST

CREATED

4 hours ago

UPDATED

4 hours ago

ADVISORY IDCVE-2026-4438⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

2 hours ago

UPDATED

2 hours ago

ADVISORY IDCVE-2026-4438⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY