CVE-2026-6238: Buffer overread in ns_printrrf with corrupted RDATA field

Published Apr 28, 2026

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory. These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.
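The check the description says is missing can be shown for two of the four record types. This is an added example, not glibc's code or its fix: the function and constant names are hypothetical, the sample bytes are constructed, and the layouts assumed are the LOC version 0 format (16 bytes, RFC 1876) and the CERT fixed header (5 bytes, RFC 4398). TKEY and TSIG need the same length proof before every field, including their embedded domain name.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { RR_LOC = 29, RR_CERT = 37 };           /* IANA RR type codes */
enum { LOC_V0_LEN = 16, CERT_FIXED_LEN = 5 }; /* RFC 1876, RFC 4398 */

struct cert_fields { uint16_t type, key_tag; uint8_t algorithm; size_t cert_len; };

/* Parse CERT RDATA only after proving the fixed header fits in rdlen. */
int parse_cert(const uint8_t *rd, size_t rdlen, struct cert_fields *out)
{
    if (rd == NULL || rdlen < CERT_FIXED_LEN)
        return -1;                            /* truncated: refuse to read */
    out->type      = (uint16_t)((rd[0] << 8) | rd[1]);
    out->key_tag   = (uint16_t)((rd[2] << 8) | rd[3]);
    out->algorithm = rd[4];
    out->cert_len  = rdlen - CERT_FIXED_LEN;  /* the rest is the certificate */
    return 0;
}

/* Gate a record before handing it to any formatter. 1 = length is sane. */
int rdata_len_ok(int rrtype, const uint8_t *rd, size_t rdlen)
{
    struct cert_fields tmp;
    if (rd == NULL)
        return 0;
    switch (rrtype) {
    case RR_LOC:  /* length is checked first, so rd[0] is only read if present */
        return rdlen == LOC_V0_LEN && rd[0] == 0;
    case RR_CERT:
        return parse_cert(rd, rdlen, &tmp) == 0;
    default:
        return 0;                             /* unknown layout: do not guess */
    }
}

/* Constructed sample RDATA (not captured traffic). */
const uint8_t cert_good[]  = { 0x00, 0x01, 0x12, 0x34, 0x08, 0xde, 0xad };
const uint8_t cert_short[] = { 0x00, 0x01, 0x12 };   /* header cut at 3 bytes */
const uint8_t loc_short[]  = { 0x00, 0x12, 0x16 };   /* LOC cut at 3 bytes */

int main(void)
{
    printf("cert_good=%d cert_short=%d loc_short=%d\n",
           rdata_len_ok(RR_CERT, cert_good, sizeof cert_good),
           rdata_len_ok(RR_CERT, cert_short, sizeof cert_short),
           rdata_len_ok(RR_LOC, loc_short, sizeof loc_short));
    return 0;
}
```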

Affected Software

2 affected components:
GNU C Library >= 2.2 (vendor: GNU)
glibc >= 2.2 (vendor: GNU)

Event History

Apr 28, 2026
04:43 PM: CVE published, via MITRE
04:43 PM: Data sourced via MITRE (Description, Weakness)
07:37 PM: Data sourced via NVD (Description, Severity, Weakness, Affected Software)

Frequently Asked Questions

1. What is the severity of CVE-2026-6238?

The vulnerability CVE-2026-6238 is categorized as a high severity issue due to the potential for buffer overread that could lead to information disclosure.

2. How do I fix CVE-2026-6238?

To resolve CVE-2026-6238, update the GNU C Library to a version that includes the fix for the buffer overread issue.

3. Which versions of the GNU C Library are affected by CVE-2026-6238?

CVE-2026-6238 affects the GNU C Library version 2.2 and newer.

4. What type of records are involved in CVE-2026-6238?

CVE-2026-6238 involves corrupted RDATA fields in DNS responses for LOC, CERT, TKEY, and TSIG records.

5. What are the risks associated with CVE-2026-6238?

The risks associated with CVE-2026-6238 include potential data leakage and exposure of sensitive information due to the buffer overread.
