CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS2: 5 Medium
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
github.com/seccomp/libseccomp-golang is vulnerable to authorization bypass. Adding multiple rules simultaneously with a single API call results in an AND relationship that matches only if all of the arguments match. This allows an attacker to bypass intended access restrictions by specifying multiple syscall arguments.
www.openwall.com/lists/oss-security/2019/04/25/6
access.redhat.com/errata/RHSA-2019:4087
access.redhat.com/errata/RHSA-2019:4090
github.com/moby/moby/issues/32714
github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e
github.com/seccomp/libseccomp-golang/issues/22
lists.debian.org/debian-lts-announce/2020/08/msg00016.html
usn.ubuntu.com/4574-1/