musl

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Lightweight implementation of C standard library
Version 1.2.2-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1287 1.2.1-1 1.2.1-2 Medium Fixed FS#68685
AVG-457 1.1.16-2 1.1.17-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2020-28928 AVG-1287 Medium No Arbitrary code execution
The wcsnrtombs function in all musl libc versions up to 1.2.1 has been found to have multiple bugs in the handling of the destination buffer size when...
CVE-2017-15650 AVG-457 Critical Yes Arbitrary code execution
A stack-based buffer overflow has been found in the DNS response parsing code of musl libc <= 1.1.16. When an application makes a request via getaddrinfo...

Advisories

Date Advisory Group Severity Type
26 Nov 2020 ASA-202011-29 AVG-1287 Medium arbitrary code execution
21 Oct 2017 ASA-201710-28 AVG-457 Critical arbitrary code execution