Linux

5218 readers

10 users here now

A community for everything relating to the linux operating system

Also check out !linux_memes@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 1 year ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros (thehackernews.com)

submitted 9 months ago by costalfy@programming.dev to c/linux@programming.dev

11 comments fedilink hide all child comments

😱

you are viewing a single comment's thread
view the rest of the comments

[–] jeremyparker@programming.dev 9 points 9 months ago* (last edited 9 months ago) (2 children)

Noob question: that's a really old library, right? Has this issue been there for decades before someone found it, or is this vulnerability part of some newer addition to it?

Edit: I didn't understand the first sentence of the article so I figured I wouldn't understand any of it -- but my question is answered pretty early on:

It's said to have been accidentally introduced in August 2022 with the release of glibc 2.37.

[–] swordsmanluke@programming.dev 8 points 9 months ago

glibc is the library that provides basic functionality for C programs. It provides the bottom level implementation for things like opening files, requesting memory, and other OS-level stuff.

glibc isn't the only implementation out there. Even on Linux, there are other options, such as muslc.

It gets updated regularly, as the C standard or operating system needs. So while it has been around for a very long time (by software standards anyway) it's still an active and evolving piece of software. --and one that underpins many critical functions of our systems.

[–] CameronDev@programming.dev 3 points 9 months ago

Its been around a long time, but evolves with the C standard and the linux kernel. It is basically a layer between C and the kernel.