Credit: Fermin J. Serna
This vulnerability was discovered when SSH kept segfaulting when a Google engineer tried to connect to a particular host. Rather than being a bug in SSH, it turned out that Google has ridiculously long internal hostnames that cause stack buffer overflows in glibc’s DNS resolution code. They also have some ridiculously talented security engineers who were able to bypass modern Linux security mitigations like ASLR and exploit this bug.
glibc getaddrinfo stack-based buffer overflow (CVE-2015-7547)