Advisories ยป MGASA-2020-0136

Updated libseccomp packages fix security vulnerability

Publication date: 10 Mar 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-9893

Description

Updated libseccomp packages fix security vulnerability:

Jann Horn discovered that libseccomp did not correctly generate 64-bit
syscall argument comparisons with arithmetic operators (LT, GT, LE, GE).
An attacker could use this to bypass intended access restrictions for
argument-filtered system calls (CVE-2019-9893).
                

References

SRPMS

7/core