Описание
libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 0.9.0-2 |
| disco | ignored | end of life |
| eoan | not-affected | 0.9.0-2 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 0.9.0-2 |
| esm-apps/jammy | not-affected | 0.9.0-2 |
| esm-apps/noble | not-affected | 0.9.0-2 |
| esm-apps/xenial | released | 0.0~git20150813.0.1b506fc-2+deb9u1build0.16.04.1 |
Показывать по
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument.
libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument.
libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR ...
Уязвимость программного обеспечения libseccomp-golang, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных
5 Medium
CVSS2
7.5 High
CVSS3