Download
| Alert*
|
oval:org.secpod.oval:def:503423
The libseccomp library provides an interface to the Linux Kernel"s syscall filtering mechanism, seccomp. The libseccomp API allows an application to specify which system calls or system call arguments the application is allowed to execute, all of which are then enforced by the Linux Kernel. The foll ... oval:org.secpod.oval:def:1801675 libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators , which might able to lead to bypassing seccomp filters and potential privilege escalations.changed the description oval:org.secpod.oval:def:55321 libseccomp: library for working with the Linux seccomp filter libseccomp could allow unintended access to system calls. oval:org.secpod.oval:def:89003179 This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: * Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0 : * Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS ... oval:org.secpod.oval:def:66487 The libseccomp library provides an interface to the Linux Kernel"s syscall filtering mechanism, seccomp. The libseccomp API allows an application to specify which system calls or system call arguments the application is allowed to execute, all of which are then enforced by the Linux Kernel. The foll ... oval:org.secpod.oval:def:89050587 This update for libseccomp fixes the following issues: Security issues fixed: - CVE-2019-9893: An incorrect generation of syscall filters in libseccomp was fixed libseccomp was updated to new upstream release 2.4.1: - Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF ... oval:org.secpod.oval:def:1700269 libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators , which might able to lead to bypassing seccomp filters and potential privilege escalations oval:org.secpod.oval:def:1504034 [2.4.1-1] - rebase to 2.4.1 [2.3.3-4] - spec: make the check phase conditional oval:org.secpod.oval:def:704975 libseccomp: library for working with the Linux seccomp filter libseccomp could allow unintended access to system calls. oval:org.secpod.oval:def:1901702 Jann Horn identified a problem in current versions of libseccomp-dev where the library did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators . |
