I see on our RedHat Linux platform that "java" process has dependency over glibc library:
[root@hpproliant1 ~]# ldd /usr/bin/java
linux-gate.so.1 => (0xffffe000)
libpthread.so.0 => /lib/libpthread.so.0 (0xf7f77000)
libjli.so => /usr/java/32bit/jre1.6.0_26/bin/../lib/i386/jli/libjli.so (0xf7f6e000)
libdl.so.2 => /lib/libdl.so.2 (0xf7f69000)
libc.so.6 => /lib/libc.so.6 (0xf7e11000)
/lib/ld-linux.so.2 (0xf7f97000)
Does Java APIs call indirectly problematic glibc functions? If so is the jvm using the vulnerable function in a way that's vulnerable?