Glibc Patch Fixes a 30-Year DNS Leak (CVE-2026-0915)
A security fix in the GNU C Library addresses a flaw (CVE-2026-0915) present since 1996 that could leak adjacent stack data to the DNS resolver through getnetbyaddr/getnetbyaddr_r. The NSS DNS back-end was fixed after zero-value network inputs were found to be mishandled, with a default query now used when the network value is zero. Glibc 2.43 is expected by early February, and a related issue (CVE-2026-0861) concerning memalign-induced overflow/heap corruption was also resolved in the same update.