Nixpkgs security tracker
Untriaged
Permalink
CVE-2026-0915
7.5 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): NONE
- Availability impact (A): NONE
getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resovler
Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.
References
Affected products
glibc
- =<2.42
Matching in nixpkgs
pkgs.libc
GNU C Library
pkgs.glibc
GNU C Library
pkgs.getent
None
pkgs.locale
None
pkgs.mtrace
Perl script used to interpret and provide human readable output of the trace log contained in the file mtracedata, whose contents were produced by mtrace(3)
pkgs.getconf
None
pkgs.libiconv
None
pkgs.glibcInfo
GNU Info manual of the GNU C Library
pkgs.glibc_multi
None
pkgs.glibcLocales
Locale information for the GNU C Library
pkgs.glibc_memusage
GNU C Library
pkgs.glibcLocalesUtf8
Locale information for the GNU C Library
pkgs.unixtools.getent
None
pkgs.unixtools.locale
None
pkgs.unixtools.getconf
None
-
nixos-25.11 -
-
nixos-25.11 -
-
nixos-25.11 -
-
nixos-25.11 -
Package maintainers
-
@ConnorBaker Connor Baker <ConnorBaker01@gmail.com>
-
@Ma27 Maximilian Bosch <maximilian@mbosch.me>