GNU C Library gethostbyaddr and gethostbyaddr_r Invalid DNS Hostname Vulnerability

A vulnerability exists in the GNU C Library (glibc) versions 2.34 through 2.43, within the Name Service Switch (NSS) component. When the DNS backend is specified in the nsswitch.conf file, the functions gethostbyaddr and gethostbyaddr_r may return invalid DNS hostnames that violate DNS standards. This issue arises from a flaw in how these functions process DNS responses, potentially allowing shell metacharacters to be included in the returned hostnames. If an application uses these hostnames in a shell command without proper sanitization, it could lead to shell injection vulnerabilities.

Impact

Exploitation of this vulnerability could result in shell injection attacks, where an attacker could execute arbitrary commands in the context of the user running the application that received the malformed hostname.

Remediation

A patch for this vulnerability has been developed and is available on the GNU C Library mailing list. Users should apply this patch to address the issue.