Leo Yuriev

**Name of the Vulnerable Software and Affected Versions** GNU C Library version 2.38 **Description** A critical issue has been identified in the GNU C Library, affecting the ` monstartup` function of the `gmon.c` file in the Call Graph Monitor component. This issue leads to a buffer overflow. The inputs that trigger this issue are typically addresses of a running application built with gmon enabled, which can be considered trusted input or input that requires an actual security flaw to be compromised or controlled. The existence of this issue is still under scrutiny. **Recommendations** To fix this issue, it is recommended to apply a patch. At the moment, there is no information about a newer version that contains a fix for this vulnerability.