DNS Response Handling Flaw in GNU C Library by GNU

CVE-2026-4437

What is CVE-2026-4437?

The GNU C Library is vulnerable to a flaw that arises when interacting with a DNS server configured in the nsswitch.conf file. Specifically, functions like gethostbyaddr or gethostbyaddr_r may not properly handle crafted DNS responses, resulting in a situation where a non-answer section is incorrectly categorized as a valid answer. This compromise can lead to unexpected application behavior and violation of DNS protocol specifications, particularly in handling DNS data integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References