Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.
Gentoo Linux Security Advisory 201612-25 - A vulnerability in CrackLib could lead to the execution of arbitrary code. Versions less than 2.9.6-r1 are affected.