Even for the most minimal oneliner you’ll have to depend on complex library code under the hood which you’ll have to keep up to date as part of the OS. And/or depend on the compiler itself to not introduce bugs into the resulting binary you are distributing.
Either that or you write your software in pure assembler (which will end up exposing a lot of internal complexity anyway, resulting in asm files that are far from “minimal”).
Even for the most minimal oneliner you’ll have to depend on complex library code under the hood which you’ll have to keep up to date as part of the OS. And/or depend on the compiler itself to not introduce bugs into the resulting binary you are distributing.
Either that or you write your software in pure assembler (which will end up exposing a lot of internal complexity anyway, resulting in asm files that are far from “minimal”).
These are just some known vulnerabilities in libc (we don’t know how many “unknown” ones there might be, or if new fixes will introduce new problems): https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-767/GNU-Glibc.html