[USN-4574-1] libseccomp-golang vulnerability
Mike Salvatore
mike.salvatore at canonical.com
Wed Oct 7 19:39:24 UTC 2020
==========================================================================
Ubuntu Security Notice USN-4574-1
October 07, 2020
golang-github-seccomp-libseccomp-golang vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

A system hardening measure could be bypassed.

Software Description:

- golang-github-seccomp-libseccomp-golang: a Go-based interface to the libseccomp library

Details:

It was discovered that libseccomp-golang did not properly generate BPFs. If
a process were running under a restrictive seccomp filter that specified
multiple syscall arguments, the application could potentially bypass the
intended restrictions put in place by seccomp.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  golang-github-seccomp-libseccomp-golang-dev 0.0~git20150813.0.1b506fc-2+deb9u1build0.16.04.1

After a standard system update, anything that depends on libseccomp-golang needs
to be rebuilt to make all the necessary changes.
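
One way to find installed packages that still need the rebuild described above, as an added example that is not part of the notice: it reads the Built-Using field that dpkg records for statically built packages and lists those built against any version of the source package other than the fixed one. The function name, the sample package names and the old version strings are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the USN. SRC and FIXED are copied from the notice.
SRC='golang-github-seccomp-libseccomp-golang'
FIXED='0.0~git20150813.0.1b506fc-2+deb9u1build0.16.04.1'

# Reads "package<TAB>Built-Using" lines on stdin and prints
# "package<TAB>version" for every package whose Built-Using field records
# SRC at a version other than FIXED, i.e. one that still needs a rebuild.
stale_dependents() {
    awk -F '\t' -v src="$SRC" -v fixed="$FIXED" '
    {
        n = split($2, deps, /, */)
        for (i = 1; i <= n; i++) {
            # Each entry has the form: source-name (= version)
            if (split(deps[i], f, / *\(= *|\) */) < 2) continue
            if (f[1] == src && f[2] != fixed) printf "%s\t%s\n", $1, f[2]
        }
    }'
}

# Constructed sample input; package names and old versions are made up.
sample_status() {
    printf 'example-sandboxd\tgolang-1.6 (= 1.6-example), %s (= 0.0~example-old-1)\n' "$SRC"
    printf 'example-rebuilt\t%s (= %s), golang-1.6 (= 1.6-example)\n' "$SRC" "$FIXED"
    printf 'example-unrelated\tgolang-1.6 (= 1.6-example)\n'
    printf 'example-c-tool\t\n'
}

# Demo on the constructed sample. On a real host, feed it from dpkg instead:
#   dpkg-query -W -f='${Package}\t${Built-Using}\n' | stale_dependents
sample_status | stale_dependents
```

Built-Using is only present when the package declares it, so binaries built locally outside the packaging system will not appear in this list and have to be tracked separately.
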

References:
  https://usn.ubuntu.com/4574-1
  CVE-2017-18367

Package Information:
  https://launchpad.net/ubuntu/+source/golang-github-seccomp-libseccomp-golang/0.0~git20150813.0.1b506fc-2+deb9u1build0.16.04.1