Vulnerability CVE-2019-9893: Information
Description
libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might lead to bypassing seccomp filters and potential privilege escalations.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
libseccomp | sisyphus | 2.4.0-alt1 | 2.5.5-alt1 | ALT-PU-2019-1495-1 | 225532 | Fixed |
libseccomp | p10 | 2.4.0-alt1 | 2.5.4-alt2 | ALT-PU-2019-1495-1 | 225532 | Fixed |
libseccomp | p9 | 2.4.0-alt1 | 2.4.2-alt2 | ALT-PU-2019-1495-1 | 225532 | Fixed |
libseccomp | p8 | 2.4.0-alt1 | 2.4.0-alt1 | ALT-PU-2019-1564-1 | 225578 | Fixed |
libseccomp | c10f1 | 2.4.0-alt1 | 2.5.4-alt2 | ALT-PU-2019-1495-1 | 225532 | Fixed |
libseccomp | c9f2 | 2.4.0-alt1 | 2.5.3-alt1 | ALT-PU-2019-1495-1 | 225532 | Fixed |
libseccomp | p11 | 2.4.0-alt1 | 2.5.5-alt1 | ALT-PU-2019-1495-1 | 225532 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://seclists.org/oss-sec/2019/q1/179 | |
https://github.com/seccomp/libseccomp/issues/139 | |
GLSA-201904-18 | |
USN-4001-1 | |
USN-4001-2 | |
openSUSE-SU-2019:2283 | |
openSUSE-SU-2019:2280 | |
RHSA-2019:3624 | |