Apr 26, 2017 - 12:00 a.m.

K39204079 : GNU C Library vulnerability CVE-2015-8983

my.f5.com

AI Score: 8.3 High (Confidence: High)

EPSS: 0.005 Low (Percentile: 76.7%)

Security Advisory Description

Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow. (CVE-2015-8983)

Impact

An attacker with administrative command-line access may be able to make an application trigger the integer overflow in the _IO_wstr_overflow function, causing that application to exit or to execute arbitrary code with the permissions of the user running the application.
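
The bug class named in the description, a size in bytes computed from an element count without an overflow check, is shown below beside a checked form. This is an added C example, not glibc's or F5's code; the growth policy `2 * old + 100` and all function names are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

/* Hypothetical growth policy: new element count = 2 * old + 100. */

/* Unchecked: the multiplication by sizeof(wchar_t) can wrap around. */
static size_t grow_bytes_unchecked(size_t old_len) {
    size_t new_len = 2 * old_len + 100;
    return new_len * sizeof(wchar_t);
}

/* Checked: returns 0 and sets *bytes, or -1 if either step would overflow. */
static int grow_bytes_checked(size_t old_len, size_t *bytes) {
    if (old_len > (SIZE_MAX - 100) / 2) return -1;        /* element count wraps */
    size_t new_len = 2 * old_len + 100;
    if (new_len > SIZE_MAX / sizeof(wchar_t)) return -1;  /* byte count wraps */
    *bytes = new_len * sizeof(wchar_t);
    return 0;
}

/* Grow a wide buffer; on failure returns NULL and leaves `old` untouched. */
static wchar_t *wbuf_grow(wchar_t *old, size_t old_len, size_t *new_len) {
    size_t bytes;
    if (grow_bytes_checked(old_len, &bytes) != 0) return NULL;
    wchar_t *buf = malloc(bytes);
    if (buf == NULL) return NULL;
    if (old_len != 0) memcpy(buf, old, old_len * sizeof(wchar_t));
    free(old);
    *new_len = bytes / sizeof(wchar_t);
    return buf;
}

int main(void) {
    /* Constructed input: element count fits in size_t, byte count does not. */
    size_t big = SIZE_MAX / sizeof(wchar_t) / 2;
    size_t bytes = 0, n = 0;
    printf("unchecked request: %zu bytes for %zu elements\n",
           grow_bytes_unchecked(big), 2 * big + 100);
    printf("checked result: %d\n", grow_bytes_checked(big, &bytes));
    wchar_t *w = wbuf_grow(NULL, 0, &n);
    printf("normal growth from 0: %zu elements\n", w ? n : 0);
    free(w);
    return 0;
}
```

With the unchecked form, the allocation request is far smaller than the element count the caller goes on to use, which is how a wrapped size becomes a heap-based buffer overflow.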