diff --git a/pkgs/development/libraries/glibc/common.nix b/pkgs/development/libraries/glibc/common.nix
index 32be2205bcc..690afc9971d 100644
--- a/pkgs/development/libraries/glibc/common.nix
+++ b/pkgs/development/libraries/glibc/common.nix
@@ -97,6 +97,11 @@ stdenv.mkDerivation ({
       ./CVE-2018-11236.patch
       # https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f51c8367685dc888a02f7304c729ed5277904aff
       ./CVE-2018-11237.patch
+
+      # Remove after upgrading to glibc 2.28+
+      # Change backported from upstream
+      # https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9c79cec8cd2a6996a73aa83d79b360ffd4bebde6
+      ./fix-out-of-bounds-access-in-findidxwc.patch
     ]
     ++ lib.optionals stdenv.isx86_64 [
       ./fix-x64-abi.patch
diff --git a/pkgs/development/libraries/glibc/default.nix b/pkgs/development/libraries/glibc/default.nix
index 1a17595a1a3..9327e0d936c 100644
--- a/pkgs/development/libraries/glibc/default.nix
+++ b/pkgs/development/libraries/glibc/default.nix
@@ -49,20 +49,17 @@ callPackage ./common.nix { inherit stdenv; } {
       ++ stdenv.lib.optional stdenv.hostPlatform.isMusl "pie";
 
     NIX_CFLAGS_COMPILE = stdenv.lib.concatStringsSep " "
-      (if !stdenv.hostPlatform.isMusl
-        # TODO: This (returning a string or `null`, instead of a list) is to
-        #       not trigger a mass rebuild due to the introduction of the
-        #       musl-specific flags below.
-        #       At next change to non-musl glibc builds, remove this `then`
-        #       and the above condition, instead keeping only the `else` below.
-        then (stdenv.lib.optionals withGd gdCflags)
-        else
-          (builtins.concatLists [
-            (stdenv.lib.optionals withGd gdCflags)
-            # Fix -Werror build failure when building glibc with musl with GCC >= 8, see:
-            # https://github.com/NixOS/nixpkgs/pull/68244#issuecomment-544307798
-            (stdenv.lib.optional stdenv.hostPlatform.isMusl "-Wno-error=attribute-alias")
-          ]));
+      (builtins.concatLists [
+        (stdenv.lib.optionals withGd gdCflags)
+        # Fix -Werror build failure when building glibc with musl with GCC >= 8, see:
+        # https://github.com/NixOS/nixpkgs/pull/68244#issuecomment-544307798
+        (stdenv.lib.optional stdenv.hostPlatform.isMusl "-Wno-error=attribute-alias")
+        (stdenv.lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
+          # Ignore "error: '__EI___errno_location' specifies less restrictive attributes than its target '__errno_location'"
+          # New warning as of GCC 9
+          "-Wno-error=missing-attributes"
+        ])
+      ]);
 
     # When building glibc from bootstrap-tools, we need libgcc_s at RPATH for
     # any program we run, because the gcc will have been placed at a new
diff --git a/pkgs/development/libraries/glibc/fix-out-of-bounds-access-in-findidxwc.patch b/pkgs/development/libraries/glibc/fix-out-of-bounds-access-in-findidxwc.patch
new file mode 100644
index 00000000000..ffac4a38c84
--- /dev/null
+++ b/pkgs/development/libraries/glibc/fix-out-of-bounds-access-in-findidxwc.patch
@@ -0,0 +1,28 @@
+diff -ur glibc-2.27/locale/weightwc.h glibc-2.27-patched/locale/weightwc.h
+--- glibc-2.27/locale/weightwc.h	2018-02-02 01:17:18.000000000 +0900
++++ glibc-2.27-patched/locale/weightwc.h	2020-01-12 03:33:41.519720579 +0900
+@@ -73,7 +73,7 @@
+ 	      break;
+ 	  DIAG_POP_NEEDS_COMMENT;
+ 
+-	  if (cnt == nhere)
++	  if (cnt == nhere || cnt == len)
+ 	    {
+ 	      /* Found it.  */
+ 	      *cpp += nhere;
+@@ -100,13 +100,13 @@
+ 	      continue;
+ 	    }
+ 
+-	  if (cp[nhere - 1] > usrc[nhere -1])
++	  if (cp[nhere - 1] > usrc[nhere - 1])
+ 	    {
+ 	      cp += 2 * nhere;
+ 	      continue;
+ 	    }
+ 
+-	  if (cp[2 * nhere - 1] < usrc[nhere -1])
++	  if (cp[2 * nhere - 1] < usrc[nhere - 1])
+ 	    {
+ 	      cp += 2 * nhere;
+ 	      continue;