|
Message-ID: <20170712145202.7yi7425la7a2cw6t@smitten> Date: Wed, 12 Jul 2017 08:52:02 -0600 From: Tycho Andersen <tycho@...ker.com> To: musl@...ts.openwall.com Subject: stack clash in musl? Hi all, It looks like there were some bugs that affected glibc in the recent stack clash wave of issues: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366 I guess musl wouldn't be vulnerable to this since it ignores LD_LIBRARY_PATH for setuid binaries. I'm curious if anyone else has thought about if there are ways to exploit musl using a stack clash? Cheers, Tycho
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.