Note that the bug only applies if the application can generate a buffer larger than 2^31 bytes as a printf argument, meaning it's practically not exploitable for 32-bit builds.