Description
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.
Published: 2026-03-20
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch
AI Analysis

Impact

A flaw in the GNU C Library's gethostbyaddr and gethostbyaddr_r functions causes them to misinterpret DNS replies when the hosts database in the system's name service switch is routed through the dns backend. A malicious DNS server can return a crafted reply that violates the DNS specification by arranging the message so that a non-answer section (RFC 1035 defines only question, answer, authority and additional sections) sits where the library reads answers; the library then treats that section as a valid answer. The consequence for the caller can be a corrupted reverse-lookup result or a crash of the application, and the final CVSS vector rates the impact as availability only. The weakness maps to CWE-125 (out-of-bounds read) and CWE-1286 (improper validation of syntactic correctness of input).
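
The spec point at issue is that a DNS message is four consecutive sections whose boundaries are given only by the header counts, so a resolver must walk the question section and then take answers from exactly ANCOUNT records, never from the authority or additional data that follow. The program below is an added example, not glibc source and not the fix: it is a minimal RFC 1035 walker for a reverse (PTR) lookup that applies that rule and bounds-checks every read. The three packets are constructed for illustration (the real trigger for this CVE is not described on this page); the second one carries the same PTR record but with ANCOUNT=0 and NSCOUNT=1, so it has no answer, and the third declares an RDLENGTH longer than the packet.

```c
/* Added example, not glibc source: an RFC 1035 response walker for a reverse
 * (PTR) lookup that takes PTR data only from the ANSWER section, as delimited
 * by the header's ANCOUNT, and bounds-checks every read so a short or lying
 * packet yields an error rather than an out-of-bounds read. All packets are
 * constructed for illustration; they are not the trigger for the real bug. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_T_PTR 12
#define DNS_C_IN   1

/* Read a 16-bit big-endian field at off; -1 if it would run past len. */
static int rd16(const uint8_t *p, size_t len, size_t off, uint16_t *out) {
    if (off + 2 > len) return -1;
    *out = (uint16_t)((p[off] << 8) | p[off + 1]);
    return 0;
}

/* Expand a possibly compressed name at *off into dotted form in out and
 * advance *off past its on-the-wire bytes. -1 on any bounds violation,
 * oversize label, pointer loop or output overflow. */
static int read_name(const uint8_t *p, size_t len, size_t *off,
                     char *out, size_t outlen) {
    size_t pos = *off, outpos = 0;
    int jumped = 0, hops = 0;
    if (outlen == 0) return -1;
    for (;;) {
        if (pos >= len) return -1;
        uint8_t l = p[pos];
        if (l == 0) { pos++; break; }
        if ((l & 0xC0) == 0xC0) {                 /* compression pointer */
            uint16_t ptr;
            if (rd16(p, len, pos, &ptr) < 0) return -1;
            ptr &= 0x3FFF;
            if (ptr >= len || ++hops > 16) return -1;
            if (!jumped) *off = pos + 2;
            jumped = 1;
            pos = ptr;
            continue;
        }
        if (l > 63 || pos + 1 + l > len) return -1;
        if (outpos + l + 1 >= outlen) return -1;  /* room for '.' and NUL */
        if (outpos) out[outpos++] = '.';
        memcpy(out + outpos, p + pos + 1, l);
        outpos += l;
        pos += 1 + l;
    }
    if (!jumped) *off = pos;
    out[outpos] = '\0';
    return 0;
}

/* 1 and host filled when an IN PTR record is found in the ANSWER section;
 * 0 when the response has no such answer, whatever the authority and
 * additional sections contain; -1 when the packet is malformed. */
int ptr_from_response(const uint8_t *p, size_t len, char *host, size_t hostlen) {
    uint16_t qd, an, ns, ar;
    char name[256];
    size_t off = 12;
    if (len < 12) return -1;
    rd16(p, len, 4, &qd); rd16(p, len, 6, &an);
    rd16(p, len, 8, &ns); rd16(p, len, 10, &ar);
    (void)ns; (void)ar;       /* only delimit the later sections; never answers */
    for (uint16_t i = 0; i < qd; i++) {           /* question section */
        if (read_name(p, len, &off, name, sizeof name) < 0) return -1;
        if (off + 4 > len) return -1;
        off += 4;                                 /* QTYPE, QCLASS */
    }
    for (uint16_t i = 0; i < an; i++) {           /* answer section: ANCOUNT records */
        uint16_t type, rrclass, rdlen;
        if (read_name(p, len, &off, name, sizeof name) < 0) return -1;
        if (rd16(p, len, off, &type) < 0 || rd16(p, len, off + 2, &rrclass) < 0 ||
            rd16(p, len, off + 8, &rdlen) < 0) return -1;
        off += 10;                                /* TYPE, CLASS, TTL, RDLENGTH */
        if (off + rdlen > len) return -1;         /* RDLENGTH must fit the packet */
        if (type == DNS_T_PTR && rrclass == DNS_C_IN) {
            size_t rdoff = off;
            if (read_name(p, len, &rdoff, host, hostlen) < 0) return -1;
            if (rdoff != off + rdlen) return -1;  /* RDATA must be exactly one name */
            return 1;
        }
        off += rdlen;
    }
    return 0;
}

/* Constructed packets; the question is 4.3.2.10.in-addr.arpa IN PTR. */
#define HDR(an, ns) 0x12,0x34, 0x81,0x80, 0x00,0x01, 0x00,(an), 0x00,(ns), 0x00,0x00
#define QUESTION 1,'4',1,'3',1,'2',2,'1','0',7,'i','n','-','a','d','d','r', \
                 4,'a','r','p','a',0, 0x00,DNS_T_PTR, 0x00,DNS_C_IN
#define PTR_RR 0xC0,0x0C, 0x00,DNS_T_PTR, 0x00,DNS_C_IN, 0x00,0x00,0x0E,0x10, 0x00,18, \
               4,'h','o','s','t',7,'e','x','a','m','p','l','e',3,'c','o','m',0

static const uint8_t pkt_answer[]    = { HDR(1, 0), QUESTION, PTR_RR }; /* genuine answer */
static const uint8_t pkt_authority[] = { HDR(0, 1), QUESTION, PTR_RR }; /* same RR, ANCOUNT=0: authority data */
static const uint8_t pkt_truncated[] = { HDR(1, 0), QUESTION,           /* RDLENGTH 0x40 exceeds the packet */
    0xC0,0x0C, 0x00,DNS_T_PTR, 0x00,DNS_C_IN, 0x00,0x00,0x0E,0x10, 0x00,0x40 };

char resolved_host[256];

int main(void) {
    int r = ptr_from_response(pkt_answer, sizeof pkt_answer, resolved_host, sizeof resolved_host);
    printf("answer section:    %d %s\n", r, r == 1 ? resolved_host : "");
    r = ptr_from_response(pkt_authority, sizeof pkt_authority, resolved_host, sizeof resolved_host);
    printf("authority section: %d (no usable answer)\n", r);
    r = ptr_from_response(pkt_truncated, sizeof pkt_truncated, resolved_host, sizeof resolved_host);
    printf("truncated RDATA:   %d (malformed)\n", r);
    return 0;
}
```

A parser that simply reads the first resource record after the question, or that uses a length it has not checked against the packet, accepts the second packet as "host.example.com" and reads past the end of the third; counting records per section and checking RDLENGTH against the buffer is what turns both into clean failures.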

Affected Systems

The vulnerability is present in glibc versions 2.34 through 2.43 whenever the hosts database in nsswitch.conf includes the dns service. All Linux distributions that ship these glibc releases, including Debian, Ubuntu, Red Hat Enterprise Linux, CentOS, Fedora and others, are affected for any application that links against glibc and calls gethostbyaddr or gethostbyaddr_r, directly or through a library that performs reverse lookups on its behalf.

Risk and Exploitability

The CVSS 3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) indicates high severity; the vector was raised from an earlier 6.5 (I:L/A:L) to rate the impact as availability only. The EPSS score is below 1 %, suggesting a low probability of exploitation at present, and the vulnerability is not catalogued in CISA's KEV list. Exploitation requires that the victim's resolver configuration deliver the crafted reply to glibc: the attacker must control a DNS server the host queries or, because plain DNS runs over unauthenticated UDP, be positioned to spoof or inject the response. No local privileges or user interaction are needed, which is why the vector is rated network-reachable.

Generated by OpenCVE AI on April 7, 2026 at 23:43 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade glibc to version 2.44 or later
  • Check whether the hosts line in nsswitch.conf lists the dns service at all; where it does, make sure the resolvers in resolv.conf that glibc will query are ones you control, or keep critical services off DNS-based reverse lookups
  • Restart applications that link against glibc so they load the updated library
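
The three actions above amount to two checks and a restart. The following C program is an added example (not code from OpenCVE or the glibc project) that answers the two checks: it parses a glibc version string into the affected 2.34..2.43 window given on this page, and it scans nsswitch.conf text for a hosts line that lists the dns service, honouring '#' comments and skipping bracketed action tokens such as [NOTFOUND=return]. The decision logic is in pure functions so it can be exercised on the constructed configuration fragments embedded below; main() applies it to the running system via confstr(_CS_GNU_LIBC_VERSION) and /etc/nsswitch.conf.

```c
/* Added example, not OpenCVE's or glibc's code: the two facts that decide
 * exposure to this issue, written as pure functions over text so they can be
 * checked on constructed samples. main() applies them to the live system. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Accepts "2.39" or "glibc 2.39"; 1 if 2.34 <= version <= 2.43, else 0.
 * An unparsable string is reported as 0, so print the raw value as well. */
int glibc_version_affected(const char *s) {
    while (*s && !isdigit((unsigned char)*s)) s++;
    char *end;
    long major = strtol(s, &end, 10);
    if (end == s || *end != '.') return 0;
    long minor = strtol(end + 1, &end, 10);
    return major == 2 && minor >= 34 && minor <= 43;
}

/* 1 if any "hosts:" database line in the nsswitch.conf text lists the dns
 * service. '#' starts a comment running to end of line; tokens in square
 * brackets are lookup actions, not services. Lines longer than the buffer
 * are truncated for matching but still consumed. */
int hosts_line_uses_dns(const char *conf) {
    char line[512];
    while (*conf) {
        size_t full = strcspn(conf, "\n"), n = full;
        if (n >= sizeof line) n = sizeof line - 1;
        memcpy(line, conf, n);
        line[n] = '\0';
        conf += full;
        if (*conf == '\n') conf++;
        char *hash = strchr(line, '#');
        if (hash) *hash = '\0';
        char *p = line;
        while (isspace((unsigned char)*p)) p++;
        if (strncmp(p, "hosts", 5) != 0) continue;
        p += 5;
        while (isspace((unsigned char)*p)) p++;
        if (*p != ':') continue;
        p++;
        for (char *tok = strtok(p, " \t"); tok; tok = strtok(NULL, " \t"))
            if (tok[0] != '[' && strcmp(tok, "dns") == 0) return 1;
    }
    return 0;
}

/* Constructed nsswitch.conf fragments (not copied from any system). */
static const char sample_uses_dns[] =
    "# /etc/nsswitch.conf\n"
    "passwd:  files systemd\n"
    "hosts:   files mdns4_minimal [NOTFOUND=return] dns myhostname  # desktop default\n";
static const char sample_files_only[] =
    "passwd:  files\n"
    "#hosts:  files dns\n"
    "hosts:   files myhostname\n";

int main(void) {
    char ver[64] = "";
#ifdef _CS_GNU_LIBC_VERSION
    confstr(_CS_GNU_LIBC_VERSION, ver, sizeof ver);   /* "glibc 2.39" on glibc */
#endif
    printf("libc version: \"%s\" -> %s\n", ver,
           glibc_version_affected(ver) ? "in affected range 2.34..2.43" : "outside 2.34..2.43");
    char conf[8192] = "";
    FILE *f = fopen("/etc/nsswitch.conf", "r");
    if (f) { size_t n = fread(conf, 1, sizeof conf - 1, f); conf[n] = '\0'; fclose(f); }
    else puts("/etc/nsswitch.conf not readable; glibc then falls back to built-in defaults");
    printf("hosts database consults dns: %s\n", hosts_line_uses_dns(conf) ? "yes" : "no");
    return 0;
}
```

Both conditions must hold for the host to be exposed. For the third action, a process that mapped the old libc before the package update keeps running the vulnerable code until it is restarted; on Linux the replaced library shows up as "(deleted)" in that process's /proc/<pid>/maps, which is a quick way to list what still needs restarting.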

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 20:45:00 +0000

  First Time appeared      added: Gnu; Gnu glibc
  CPEs                     added: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
  Vendors & Products       added: Gnu; Gnu glibc

Mon, 23 Mar 2026 16:15:00 +0000

  Metrics cvssV3_1         removed: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L'}
                           added:   {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Mon, 23 Mar 2026 15:15:00 +0000

  Metrics ssvc             added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 23 Mar 2026 12:15:00 +0000

  Weaknesses               added: CWE-1286
  References
  Metrics threat_severity  removed: None
  Metrics cvssV3_1         added: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L'}
  Metrics threat_severity  added: Moderate

Mon, 23 Mar 2026 10:00:00 +0000

  First Time appeared      added: The Gnu C Library; The Gnu C Library glibc
  Vendors & Products       added: The Gnu C Library; The Gnu C Library glibc

Fri, 20 Mar 2026 20:15:00 +0000

  Description              added: Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.
  Title                    added: gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response
  Weaknesses               added: CWE-125
  References

Subscriptions

Gnu Glibc
The Gnu C Library Glibc
MITRE

Status: PUBLISHED

Assigner: glibc

Published:

Updated: 2026-03-23T15:13:56.930Z

Reserved: 2026-03-19T19:55:42.906Z

Link: CVE-2026-4437

Vulnrichment

Updated: 2026-03-23T15:10:49.136Z

NVD

Status : Analyzed

Published: 2026-03-20T20:16:49.477

Modified: 2026-04-07T18:41:36.647

Link: CVE-2026-4437

Red Hat

Severity : Moderate

Published: 2026-03-20T19:59:00Z

Links: CVE-2026-4437 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-08T20:01:26Z

Weaknesses