Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Ubuntu 14.04 ESM: USN-4001-2 Critical: libseccomp Access Flaw

Calendar May 30, 2019 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory access control ubuntu system access libseccomp
libseccomp could allow unintended access to system calls. 
=========================================================================Ubuntu Security Notice USN-4001-2
May 30, 2019

libseccomp vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM

Summary:

libseccomp could allow unintended access to system calls.

Software Description:
- libseccomp: library for working with the Linux seccomp filter

Details:

USN-4001-1 fixed a vulnerability in libseccomp. This update provides the
corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

 Jann Horn discovered that libseccomp did not correctly generate 64-bit
 syscall argument comparisons with arithmetic operators (LT, GT, LE, GE).
 An attacker could use this to bypass intended access restrictions for
 argument-filtered system calls.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  libseccomp2                     2.4.1-0ubuntu0.14.04.2

This update uses a new upstream release which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-4001-2
  https://ubuntu.com/security/notices/USN-4001-1
  CVE-2019-9893

Ubuntu 14.04 ESM: USN-4001-2 Critical: libseccomp Access Flaw

ubuntu
Calendar Grey May 30, 2019
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-4002-1 highlights a vulnerability in libcurl that could lead to exposure of sensitive data. Patch your system immediately!
libseccomp could allow unintended access to system calls.

Summary

Topics%20covered

Topics Covered

security advisory access control ubuntu system access libseccomp

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: libseccomp2 2.4.1-0ubuntu0.14.04.2 This update uses a new upstream release which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4001-2

https://ubuntu.com/security/notices/USN-4001-1

CVE-2019-9893

Severity
critical
Lowest
Low
Medium
High
Critical

May 30, 2019

Topics%20covered

Topics Covered

security advisory access control ubuntu system access libseccomp

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here