Gnu · Glibc · CVE-2017-15670
**Name of the Vulnerable Software and Affected Versions**
The GNU C Library (aka glibc or libc6) versions prior to 2.27
**Description**
An off-by-one error in the glob function in glob.c leads to a heap-based buffer overflow. The error occurs when glob processes a home directory written with the ~ operator followed by a long string, potentially allowing a remote attacker to crash the application.
**Recommendations**
If you run a version prior to 2.27, update to version 2.27 or later to resolve the issue. As a temporary workaround until the update is applied, consider avoiding the use of the ~ operator followed by long strings in calls to the glob function.
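One way to apply both recommendations in code is shown below. This is an added example, not code from glibc or from this advisory. The names `glibc_affected`, `guarded_flags` and `guarded_glob` are hypothetical, and the guard goes further than the workaround above: on an affected version it disables tilde expansion entirely instead of judging how long the string after ~ is.

```c
#define _GNU_SOURCE
#include <glob.h>
#include <stdio.h>
#include <gnu/libc-version.h>

/* Return 1 if a glibc version string such as "2.26" is older than 2.27,
   0 if it is 2.27 or later, -1 if it cannot be parsed. A distribution
   package may carry a backported fix under an older number, so treat 1
   as "check the package changelog", not as proof of exposure. */
int glibc_affected(const char *ver)
{
    int major = 0, minor = 0;
    if (sscanf(ver, "%d.%d", &major, &minor) != 2)
        return -1;
    return (major < 2 || (major == 2 && minor < 27)) ? 1 : 0;
}

/* On an affected or unparseable version, clear the flags that enable
   tilde expansion, so a leading "~name" is matched as a literal path. */
int guarded_flags(int flags, const char *ver)
{
    if (glibc_affected(ver) != 0)
        flags &= ~(GLOB_TILDE | GLOB_TILDE_CHECK);
    return flags;
}

/* Hypothetical drop-in wrapper: same arguments as glob(). */
int guarded_glob(const char *pattern, int flags,
                 int (*errfunc)(const char *, int), glob_t *out)
{
    return glob(pattern, guarded_flags(flags, gnu_get_libc_version()),
                errfunc, out);
}

int main(void)
{
    const char *ver = gnu_get_libc_version();
    glob_t g;

    printf("glibc %s: %s\n", ver, glibc_affected(ver)
           ? "update to 2.27 or later" : "not in the affected range");
    if (guarded_glob("~", GLOB_TILDE, NULL, &g) == 0) {
        printf("~ -> %s\n", g.gl_pathv[0]);
        globfree(&g);
    }
    return 0;
}
```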