LionsOS musllibc old version? Vulnerable? - Devel - lists.sel4.systems

newer
seL4 developer hangout reminder

LionsOS musllibc old version? Vulnerable?

older
find all seL4 threads

Hugo V.C.

27 Nov 2024 27 Nov '24

1:33 a.m.

Hi, reading the dependencies of LionsOS I realized it is using an old version of muslibc : https://github.com/au-ts/musllibc/blob/81842bc43d0b49bbcca03ff5f506c6df8e2bd... if this version has not been patched may be vulnerable to a remotely exploitable buffer overflow in the dns resolution: https://git.musl-libc.org/cgit/musl/commit/?id=45ca5d3fcb6f874bf5ba55d0e9651... Can someone confirm or reject? Thanks.

Reply

Sign in to reply online Use email software

Show replies by date

Visit here for a non-javascript version of this page.

481

Age (days ago)

484

Last active (days ago)

Download

3 comments

3 participants

tags

participants (3)

Demi Marie Obenour
Hugo V.C.
Ivan Velickovic