CVE-2026-4437

{"id": "CVE-2026-4437", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-03-20T20:16:49.477", "references": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "source": "3ff69d7a-14f2-4f67-a097-88dee7810d18"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "3ff69d7a-14f2-4f67-a097-88dee7810d18", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer."}, {"lang": "es", "value": "Llamar a gethostbyaddr o gethostbyaddr_r con un nsswitch.conf configurado que especifica el backend DNS de la biblioteca en la GNU C Library versi\u00f3n 2.34 a la versi\u00f3n 2.43 podr\u00eda, con una respuesta manipulada del servidor DNS configurado, resultar en una violaci\u00f3n de la especificaci\u00f3n DNS que hace que la aplicaci\u00f3n trate una secci\u00f3n que no es de respuesta de la respuesta DNS como una respuesta v\u00e1lida."}], "lastModified": "2026-03-23T16:16:51.537", "sourceIdentifier": "3ff69d7a-14f2-4f67-a097-88dee7810d18"}