CVE-2026-0915

High CVSS: 7.5

Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.

Vendor

Gnu

Product

Glibc

CWE

CWE-908

Yayın Tarihi

2026-01-15 22:16:12

Güncelleme

2026-01-23 19:36:50

Source Identifier

3ff69d7a-14f2-4f67-a097-88dee7810d18

KEV Date Added

Kategoriler

CWE-908 Glibc HIGH Gnu 2026

Referanslar

https://sourceware.org/bugzilla/show_bug.cgi?id=33802 http://www.openwall.com/lists/oss-security/2026/01/16/6 https://sourceware.org/bugzilla/show_bug.cgi?id=33802

Benzer Kayıtlar

Medium

CVE-2026-4647

A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files…

Medium

CVE-2026-3441

A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in t…

Medium

CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read,…

Medium

CVE-2025-69648

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malfor…

Medium

CVE-2025-69647

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malfor…

High

CVE-2025-69649

GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary wi…