Ondrej Bilka

#31775 of 53,635
8.1 CVSS total
Vulnerabilities · 1
PT-2015-3280
8.1
2015-12-09
Gnu · Glibc · CVE-2015-8982
**Name of the Vulnerable Software and Affected Versions**
glibc versions prior to 2.21

**Description**
The issue is caused by an integer overflow in the `strxfrm` function, which can be triggered by a long string. This can lead to a stack-based buffer overflow, potentially allowing context-dependent attackers to cause a denial of service or possibly execute arbitrary code.

**Recommendations**
For versions prior to 2.21, update to version 2.21 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `strxfrm` function to minimize the risk of exploitation. Avoid using long strings that could trigger the integer overflow until the issue is resolved.