Absence of control for large number of open file descriptors or sockets (FD_SETSIZE) allow to write arbitrary memory.
vulners.com/securityvulns/securityvulns:doc:7669