Описание
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-9893
- https://github.com/seccomp/libseccomp/issues/139
- https://access.redhat.com/errata/RHSA-2019:3624
- https://seclists.org/oss-sec/2019/q1/179
- https://security.gentoo.org/glsa/201904-18
- https://usn.ubuntu.com/4001-1
- https://usn.ubuntu.com/4001-2
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html
Связанные уязвимости
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argu ...
