A buffer overflow flaw was found in the way glibc’s gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. (Red Hat Bugzilla – Bug 1199525)
Impact
An attacker with local access and knowledge of how to trigger the flaw in the glibc function may be able to crash the application or run arbitrary code.
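A caller-side precaution for the misaligned-buffer condition described above, as an added example that is not taken from the advisory or from glibc. The helper names `align_resolver_buffer` and `safe_gethostbyname_r` are hypothetical, and treating `max_align_t` alignment as sufficient for the resolver is an assumption.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <netdb.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: max_align_t alignment is strict enough for the resolver. */
#define RESOLV_ALIGN _Alignof(max_align_t)

/* Round buf up to the next RESOLV_ALIGN boundary and shrink *len by the
 * bytes skipped, so pointer and length stay consistent with each other.
 * Returns NULL when buf is NULL or no usable space remains. */
static char *align_resolver_buffer(char *buf, size_t *len)
{
    uintptr_t addr = (uintptr_t)buf;
    size_t pad = (size_t)(-addr & (RESOLV_ALIGN - 1));

    if (buf == NULL || *len <= pad)
        return NULL;
    *len -= pad;
    return buf + pad;
}

/* Hypothetical wrapper: the library only ever receives an aligned buffer. */
static int safe_gethostbyname_r(const char *name, struct hostent *ret,
                                char *buf, size_t buflen,
                                struct hostent **result, int *h_errnop)
{
    char *aligned = align_resolver_buffer(buf, &buflen);

    if (aligned == NULL) {
        *result = NULL;
        return ERANGE;          /* same code glibc uses for "buffer too small" */
    }
    return gethostbyname_r(name, ret, aligned, buflen, result, h_errnop);
}

int main(void)
{
    static _Alignas(max_align_t) char storage[1024 + 1];
    struct hostent he, *res = NULL;
    int herr = 0;

    /* storage + 1 is a deliberately misaligned buffer (constructed input). */
    int rc = safe_gethostbyname_r("localhost", &he, storage + 1, 1024, &res, &herr);
    printf("rc=%d resolved=%s\n", rc, res ? res->h_name : "(none)");
    return 0;
}
```
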