[1/5] Update GLIBC-SA-2026-0012 to mention A6 records

Message ID: 3a2b6ed629ccc8bf33644220d58fe3bfc94da09f.1777546194.git.fweimer@redhat.com (mailing list archive)
State: Under Review
Delegated to: Carlos O'Donell
Series: Fixes for CVE-2026-5435, CVE-2026-6238

Checks

Context: redhat-pt-bot/TryBot-apply_patch
Check: success
Description: Patch applied to master at the time it was sent

Commit Message

Florian Weimer April 30, 2026, 10:51 a.m. UTC
  It turns out there is a missing inner length check in it, too.

Also fix the vulnerable commit.  It predates the glibc 2.0 release
because the old stream-based formatting code in resolv/res_debug.c had
the same bug in its LOC handling.
---
 advisories/GLIBC-SA-2026-0012 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
  

Patch

diff --git a/advisories/GLIBC-SA-2026-0012 b/advisories/GLIBC-SA-2026-0012
index 6f8f00ddd7..926ca16102 100644
--- a/advisories/GLIBC-SA-2026-0012
+++ b/advisories/GLIBC-SA-2026-0012
@@ -2,7 +2,7 @@  Buffer overread in ns_printrrf with corrupted RDATA field
 
 The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the
 GNU C Library version 2.2 and newer fail to validate the RDATA content
-against the RDATA length in a DNS response when processing LOC, CERT,
+against the RDATA length in a DNS response when processing A6, CERT, LOC,
 TKEY or TSIG records, which may allow an attacker to craft a DNS
 response, causing a target application to crash or read uninitialized
 memory.
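
Review bot: The unchanged context line "GNU C Library version 2.2 and newer" in this hunk no longer agrees with the rest of the patch. The Vulnerable-Commit field moves to a commit tagged (1.90), and the commit message says the bug predates the glibc 2.0 release. Suggest updating the version range in the description in this same change so the advisory text and its metadata match.
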
@@ -15,4 +15,4 @@  interfaces since they may be removed in future versions.
 
 CVE-Id: CVE-2026-6238
 Public-Date: 2026-04-11
-Vulnerable-Commit: b43b13ac2544b11f35be301d1589b51a8473e32b (2.2)
+Vulnerable-Commit: ee188d555b8c32ad9704a7440cab400af967292f (1.90)
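
Review bot: On the new Vulnerable-Commit line, a single commit tagged (1.90) now stands for all five record types named in the description, while the commit message ties ee188d555b8c only to the LOC handling in the old resolv/res_debug.c code. Suggest stating in the commit message or the advisory text that the field records the earliest affected commit, so readers do not assume the A6, CERT, TKEY and TSIG cases also date from it.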