CVE-2019-9893 in Ubuntu

CVE-2019-9893

Priority

Description

libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument
comparisons using the arithmetic operators (LT, GT, LE, GE), which might
able to lead to bypassing seccomp filters and potential privilege
escalations.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893
https://www.openwall.com/lists/oss-security/2019/03/15/1
http://www.paul-moore.com/blog/d/2019/03/libseccomp_v240.html
https://usn.ubuntu.com/usn/usn-4001-1
https://usn.ubuntu.com/usn/usn-4001-2

Notes

Package

Source: libseccomp (LP Ubuntu Debian)

Upstream:	released (2.4.0)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	released (2.4.1-0ubuntu0.14.04.2)
Ubuntu 16.04 LTS (Xenial Xerus):	released (2.4.1-0ubuntu0.16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):	released (2.4.1-0ubuntu0.18.04.2)
Ubuntu 19.04 (Disco Dingo):	released (2.4.1-0ubuntu0.19.04.3)
Ubuntu 19.10 (Eoan Ermine):	released (2.4.1-0ubuntu0.19.10.3)

More Information

Updated: 2019-12-05 21:10:16 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)