A flaw in glibc’s gethostbyaddr and gethostbyaddr_r functions can cause the library to return hostnames that do not conform to the DNS specification. The vulnerability arises when the nsswitch.conf configuration selects the DNS backend for name resolution in GNU C Library versions 2.34 through 2.43. The primary impact is that applications receiving these invalid hostnames may experience logic errors, incorrect routing, or validation failures, potentially leading to unintended behavior or denial of service in name‑resolution dependent components. The weakness is a classic input validation failure (CWE‑20) and improper handling of external data.

Any system that uses glibc 2.34, 2.35, 2.36, 2.37, 2.38, 2.39, 2.40, 2.41, 2.42, or 2.43 and has an nsswitch.conf entry that specifies the DNS backend. This includes most Linux distributions and UNIX‑like operating systems that ship with these glibc versions.

The CVSS score of 5.4 classifies the issue as moderate, and the EPSS score of less than 1% indicates a low probability of exploitation in the wild. The vulnerability is not listed in CISA’s KEV catalog. Exploitation would require that an attacker can trigger a DNS lookup through glibc’s gethostbyaddr functions, either remotely via an application that performs such lookups or locally if an application can influence the DNS response. The description does not imply remote code execution or privilege escalation; the attack vector is inferred to be application‑level DNS resolution.