Description
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.
A flaw was found in the GNU C library (glibc). When applications use the gethostbyaddr or gethostbyaddr_r functions with an nsswitch.conf configuration that specifies glibc's DNS backend, the library may return an invalid DNS hostname. This violates the DNS specification and could lead to applications receiving incorrect hostname information, potentially impacting network operations or security decisions.
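An application that feeds a reverse-lookup result into a security decision can check the returned name's syntax itself before using it. The following is an added example, not code from this advisory or from glibc; it assumes "invalid" means not conforming to RFC 952/1123 host name syntax, and `hostname_is_valid` and `checked_reverse_lookup` are hypothetical names.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

/* Assumed rule set (RFC 952/1123 host name syntax, not taken from the page):
 * 1..253 bytes, dot-separated labels of 1..63 bytes, each byte an ASCII
 * letter, digit or '-', and no label starting or ending with '-'. */
int hostname_is_valid(const char *name)
{
    size_t len = name ? strlen(name) : 0;
    if (len > 0 && name[len - 1] == '.')    /* tolerate one trailing root dot */
        len--;
    if (len == 0 || len > 253)
        return 0;
    size_t label = 0;                        /* bytes in the current label */
    for (size_t i = 0; i < len; i++) {
        char c = name[i];
        if (c == '.') {
            if (label == 0 || name[i - 1] == '-')
                return 0;                    /* empty label, or label ends in '-' */
            label = 0;
        } else if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                   (c >= '0' && c <= '9') || c == '-') {
            if (c == '-' && label == 0)
                return 0;                    /* label starts with '-' */
            if (++label > 63)
                return 0;
        } else {
            return 0;                        /* space, '_', '/', control or 8-bit byte */
        }
    }
    return label > 0 && name[len - 1] != '-';
}

/* Hypothetical wrapper: reverse-resolve an IPv4 literal and hand back the
 * name only if it passes the check above. The pointer refers to
 * gethostbyaddr's static buffer, so copy it before the next lookup. */
const char *checked_reverse_lookup(const char *ipv4_text)
{
    struct in_addr addr;
    if (inet_pton(AF_INET, ipv4_text, &addr) != 1)
        return NULL;
    struct hostent *he = gethostbyaddr(&addr, sizeof addr, AF_INET);
    if (he == NULL || !hostname_is_valid(he->h_name))
        return NULL;
    return he->h_name;
}
```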
Statement
This is a LOW impact flaw where glibc's gethostbyaddr and gethostbyaddr_r functions may return an invalid DNS hostname. This occurs when applications use an nsswitch.conf configuration that specifies glibc's DNS backend. This could lead to applications receiving incorrect hostname information, potentially affecting network operations or security decisions on Red Hat Enterprise Linux and OpenShift Container Platform.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | glibc | Fix deferred | | |
| Red Hat Enterprise Linux 6 | compat-glibc | Fix deferred | | |
| Red Hat Enterprise Linux 6 | glibc | Fix deferred | | |
| Red Hat Enterprise Linux 7 | compat-glibc | Fix deferred | | |
| Red Hat Enterprise Linux 7 | glibc | Fix deferred | | |
| Red Hat Enterprise Linux 8 | glibc | Fix deferred | | |
| Red Hat Enterprise Linux 9 | glibc | Fix deferred | | |
| Red Hat OpenShift Container Platform 4 | rhcos | Fix deferred | | |
Additional information
Status:
EPSS
CVSS3: 4 Medium
Related vulnerabilities
gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames