In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-9169 User=admin}