Description

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory. These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.

INFO

Published Date :

2026-04-28T16:43:08.526Z

Last Modified :

2026-04-28T18:51:25.367Z

Source :

glibc
AFFECTED PRODUCTS

The following products are affected by CVE-2026-6238 vulnerability.

Vendors Products
Gnu
  • Glibc
Redhat
  • Hummingbird
The Gnu C Library
  • Glibc
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-6238.

URL Resource
https://inbox.sourceware.org/libc-announce/[email protected]/T/#u cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-6238 cve-icon
https://sourceware.org/bugzilla/show_bug.cgi?id=34069 cve-icon cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-6238 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact