SUSE CVE-2022-48832

In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 openhow::flags As reported by Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can result in an oops/page-fault. This...

CVE-2022-48832

In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 openhow::flags As reported by Jeff, dereferencing the openat2 syscall argument in auditmatchperm to obtain the openhow::flags can result in an oops/page-fault. This...

GO-2020-0007 Improper input validation in github.com/seccomp/libseccomp-golang

Filters containing rules with multiple syscall arguments are improperly constructed, such that all arguments are required to match rather than any of the arguments AND is used rather than OR. These filters can be bypassed by only specifying a subset of the arguments due to this behavior...

USN-4574-1 golang-github-seccomp-libseccomp-golang vulnerability

It was discovered that libseccomp-golang did not properly generate BPFs. If a process were running under a restrictive seccomp filter that specified multiple syscall arguments, the application could potentially bypass the intended restrictions put in place by seccomp...

USN-4574-1: libseccomp-golang vulnerability

It was discovered that libseccomp-golang did not properly generate BPFs. If a process were running under a restrictive seccomp filter that specified multiple syscall arguments, the application could potentially bypass the intended restrictions put in place by seccomp...

Debian DLA-2320-1 : golang-github-seccomp-libseccomp-golang security update

A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument. Additionally, runc has been rebuilt with the fixed package. For Debian 9 stretch, this problem has been fixed in versi...

[SECURITY] [DLA 2320-1] golang-github-seccomp-libseccomp-golang security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2320-1 [email protected] https://www.debian.org/lts/security/ August 10, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...

Authorization Bypass

github.com/seccomp/libseccomp-golang is vulnerable to authorization bypass. Adding multiple rules simultaneously with a single API call results in an AND relationship that matches only if all of the arguments match. This allows an attacker to bypass intended access restrictions by specifying...

UBUNTU-CVE-2019-9893

libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators LT, GT, LE, GE, which might able to lead to bypassing seccomp filters and potential privilege escalations...