High severity7.3NVD Advisory· Published Apr 28, 2026· Updated May 5, 2026
CVE-2026-5435
CVE-2026-5435
Description
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.
Affected products
55- osv-coords52 versionspkg:apk/chainguard/glibcpkg:apk/chainguard/glibc-devpkg:apk/chainguard/glibc-iconvpkg:apk/chainguard/glibc-locale-capkg:apk/chainguard/glibc-locale-depkg:apk/chainguard/glibc-locale-enpkg:apk/chainguard/glibc-locale-espkg:apk/chainguard/glibc-locale-extrapkg:apk/chainguard/glibc-locale-frpkg:apk/chainguard/glibc-locale-posixpkg:apk/chainguard/glibc-localespkg:apk/chainguard/glibc-testresultspkg:apk/chainguard/glibc-tracingpkg:apk/chainguard/ld-linuxpkg:apk/chainguard/libc-binpkg:apk/chainguard/libcrypt1pkg:apk/chainguard/localedefpkg:apk/chainguard/nscdpkg:apk/chainguard/nss-dbpkg:apk/chainguard/nss-hesiodpkg:apk/chainguard/pcprofiledumppkg:apk/chainguard/posix-libc-utilspkg:apk/chainguard/posix-libc-utils-binpkg:apk/chainguard/slnpkg:apk/chainguard/sotrusspkg:apk/chainguard/tzutilspkg:apk/wolfi/glibcpkg:apk/wolfi/glibc-devpkg:apk/wolfi/glibc-iconvpkg:apk/wolfi/glibc-locale-capkg:apk/wolfi/glibc-locale-depkg:apk/wolfi/glibc-locale-enpkg:apk/wolfi/glibc-locale-espkg:apk/wolfi/glibc-locale-extrapkg:apk/wolfi/glibc-locale-frpkg:apk/wolfi/glibc-locale-posixpkg:apk/wolfi/glibc-localespkg:apk/wolfi/glibc-testresultspkg:apk/wolfi/glibc-tracingpkg:apk/wolfi/ld-linuxpkg:apk/wolfi/libc-binpkg:apk/wolfi/libcrypt1pkg:apk/wolfi/localedefpkg:apk/wolfi/nscdpkg:apk/wolfi/nss-dbpkg:apk/wolfi/nss-hesiodpkg:apk/wolfi/pcprofiledumppkg:apk/wolfi/posix-libc-utilspkg:apk/wolfi/posix-libc-utils-binpkg:apk/wolfi/slnpkg:apk/wolfi/sotrusspkg:apk/wolfi/tzutils
< 0+ 51 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
Patches
Vulnerability mechanics
References
2- inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/nvdThird Party Advisory
- sourceware.org/bugzilla/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.