Ubuntu - libseccomp-golang vulnerability (2020-10-07)

USN-4574-1: libseccomp-golang vulnerability

golang-github-seccomp-libseccomp-golang vulnerability<br/>A security issue affects these releases of Ubuntu and its derivatives:<br/>Ubuntu 16.04 LTS<br/>Summary<br/>A system hardening measure could be bypassed.<br/>Software Description<br/>golang-github-seccomp-libseccomp-golang - a Go-based interface to the libseccomp library<br/>Details<br/>It was discovered that libseccomp-golang did not properly generate BPFs. If a process were running under a restrictive seccomp filter that specified multiple syscall arguments, the application could potentially bypass the intended restrictions put in place by seccomp.<br/>Update instructions<br/>The problem can be corrected by updating your system to the following package versions:<br/>Ubuntu 16.04 LTS<br/>golang-github-seccomp-libseccomp-golang-dev - 0.0~git20150813.0.1b506fc-2+deb9u1build0.16.04.1<br/>To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.<br/>After a standard system update anything that depends on libseccomp-golang needs to be rebuilt to make all the necessary changes.<br/>References<br/>CVE-2017-18367<br/>]]&gt;

Ubuntu是一个以桌面应用为主的Linux操作系统

<p><a target="_blank" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18367">CVE-2017-18367</a></p>

暂无

暂无

https://usn.ubuntu.com/4574-1/