CVE-2026-5435
published 2026-04-28CVE-2026-5435: The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length…
high7.3CVSS 3.1
AVNACLPRNUINSUCLILAL
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gnu | glibc | — | — |
| gnu | glibc | >= 2.2 | — |
| the_gnu_c_library | glibc | 2.2 – * | — |