VYPR
Medium severity5.4NVD Advisory· Published Mar 20, 2026· Updated Apr 7, 2026

CVE-2026-4438

CVE-2026-4438

Description

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.

Affected products

293

Patches

Vulnerability mechanics

References

1

News mentions

1