VDB

ALSA-2026%3A20597

ALSA-2026%3A20597 PUBLISHED CVSS 8.699999809265137 HIGH

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: glibc: Incorrect DNS response parsing via crafted DNS server response (CVE-2026-4437) * glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions (CVE-2026-4438) * glibc: glibc: Denial of Service via iconv() function with specific character sets (CVE-2026-4046) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Risk Scores

CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

VendorProductVersions
AlmaLinux:9glibc-langpack-tpi0
AlmaLinux:9glibc-langpack-en0
AlmaLinux:9glibc-langpack-af0
AlmaLinux:9glibc-langpack-kab0
AlmaLinux:9glibc-langpack-mai0
AlmaLinux:9glibc-langpack-gv0
AlmaLinux:9glibc0
AlmaLinux:9glibc-langpack-et0
AlmaLinux:9glibc-langpack-ce0
AlmaLinux:9glibc-langpack-tl0
AlmaLinux:9glibc-langpack-ja0
AlmaLinux:9libnsl0
AlmaLinux:9glibc-utils0
AlmaLinux:9glibc-langpack-ne0
AlmaLinux:9glibc-langpack-cy0
AlmaLinux:9nscd0
AlmaLinux:9glibc-langpack-nn0
AlmaLinux:9glibc-langpack-dz0
AlmaLinux:9glibc-langpack-tcy0
AlmaLinux:9glibc-langpack-es0

…and 196 more

Timeline

  • May 26, 2026 CVE Published
  • Jun 30, 2026 CVE Updated
  • Jul 1, 2026 Distribution Patch
  • Jul 1, 2026 Distribution Patch
  • Jul 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›