A buffer overflow has been found in getaddrinfo(). Patch with fix has been provided by reporter in https://github.com/zephyrproject-rtos/zephyr/pull/6158
This seems to affect older versions, so backporting to 1.10 and 1.9 is advisable.
Due to the severity (externally controllable), I would even assign a CVE number.
A backport to 1.10 has been provided. Awaiting a point release.
Patch has been applied to 1.11 (HEAD) and will be available in the next 1.10 point release.
Added affected versions and CVE. Release 1.11.0 contains fix. However, we don't have the issue in any 1.9.X and 1.10.X point release at this time.