Security Bulletin: Multiple vulnerabilities found in CICS Transaction Gateway for Multiplatforms.

Summary CICS Transaction Gateway for Multiplatforms has been updated in order to address multiple vulnerabilities CVE-2025-15281, CVE-2026-0915, CVE-2025-15366, CVE-2025-15367, CVE-2026-0865, CVE-2026-1299, CVE-2025-14831, CVE-2025-9820, CVE-2025-69419, WS-2026-0003, GHSA-72hv-8253-57qq...

ROS-20260505-73-0081

A vulnerability in the getnetbyaddr and getnetbyaddrr functions of the GNU C Library is related to the use of an uninitialized resource. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

Astra Linux - уязвимость в glibc

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library’s DNS backend can lead to a situation where a zero-valued network is queried during operations in the GNU C Library versions 2.0 to 2.42. This could result in the leakage of stack contents to the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-006299)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006299 advisory. Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in...

Oracle Linux 8 : glibc (ELSA-2026-4772)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4772 advisory. - CVE-2025-15281: wordexp WRDEREUSE uninitialized memory read RHEL-142787 - CVE-2026-0915: Stack memory disclosure in getnetbyaddr RHEL-141849 -...

glibc: glibc: Information disclosure via zero-valued network query

A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddrr functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS Domain Name System backend for network lookups, a query for a zero-valued network can le...

SUSE-SU-2026:0680-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822, BZ 33802 - CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005, BZ 33814 - CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp...

CLSA-2026-1772114900 glibc: Fix of CVE-2026-0915

CVE-2026-0915: fix leak of stack contents to configured DNS resolver when resolving a zero-valued network via getnetbyaddr/getnetbyaddrr with DNS NSS backend; sanitize network value and avoid passing uninitialized stack data to resolver...

glibc: glibc: Information disclosure via zero-valued network query

A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddrr functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS Domain Name System backend for network lookups, a query for a zero-valued network can le...

OESA-2026-1266 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

Oracle Linux 10 : glibc (ELSA-2026-1334)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1334 advisory. - CVE-2026-0915: Stack memory disclosure in getnetbyaddr RHEL-141848 - CVE-2026-0861: Check for alignment overflow in memalign functions RHEL-141732...

MGASA-2026-0022 Updated glibc packages fix security vulnerabilities

Integer overflow in memalign leads to heap corruption. CVE-2026-0861 getnetbyaddr and getnetbyaddrr leak stack contents to DNS resovler. CVE-2026-0915 wordexp with WRDEREUSE and WRDEAPPEND may return uninitialized memory. CVE-2025-15281...

Updated glibc packages fix security vulnerabilities

Integer overflow in memalign leads to heap corruption. CVE-2026-0861 getnetbyaddr and getnetbyaddrr leak stack contents to DNS resovler. CVE-2026-0915 wordexp with WRDEREUSE and WRDEAPPEND may return uninitialized memory. CVE-2025-15281...

glibc: glibc: Information disclosure via zero-valued network query

A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddrr functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS Domain Name System backend for network lookups, a query for a zero-valued network can le...

Fedora 42 : glibc (2026-a2f3af8a86)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a2f3af8a86 advisory. This update switches the currency symbol for Bulgaria to the Euro. Furthermore, it addresses several security vulnerabilities: A crash when wordexp ...

OESA-2026-1200 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

OESA-2026-1198 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resovler

...

SUSE CVE-2026-0915

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver...

CVE-2026-0915

A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddrr functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS Domain Name System backend for network lookups, a query for a zero-valued network can le...