CVE-2026-5435 PUBLISHED

Potential buffer overflow in ns_sprintrrf TSIG handling path

Assigner: glibc
Reserved: 02.04.2026 Published: 28.04.2026 Updated: 28.04.2026

The deprecated functions ns_sprintrrf, ns_sprintrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, which can result in an out-of-bounds write when printing TSIG records.

Product Status

Vendor The GNU C Library
Product glibc
Versions Default: unaffected
  • affected from 2.2 to * (incl.)

Credits

  • shinobu (finder)

Problem Types

  • CWE-787 Out-of-bounds write

Impacts

  • CAPEC-100 Overflow Buffers