CVE-2014-8121 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8121): DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up while the database is iterated over the database, which triggers the file pointer to be reset.
this is fixed in glibc-2.22, but i don't plan on trying to backport it as it touches a few more files/logic than i'm comfortable with backporting
i've included this in glibc-2.21-r2 now; stabilization is via bug 574880
This issue was resolved and addressed in GLSA 201602-02 at https://security.gentoo.org/glsa/201602-02 by GLSA coordinator Tobias Heinlein (keytoaster).