==========================================================================
Ubuntu Security Notice USN-4574-1
October 07, 2020
golang-github-seccomp-libseccomp-golang vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 16.04 LTS
Summary:
A system hardening measure could be bypassed.
Software Description:
– golang-github-seccomp-libseccomp-golang: a Go-based interface to the libseccomp library
Details:
It was discovered that libseccomp-golang did not properly generate BPFs. If
a process were running under a restrictive seccomp filter that specified
multiple syscall arguments, the application could potentially bypass the
intended restrictions put in place by seccomp.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
golang-github-seccomp-libseccomp-golang-dev 0.0~git20150813.0.1b506fc-2+deb9u1build0.16.04.1
After a standard system update anything that depends on libseccomp-golang needs
to be rebuilt to make all the necessary changes.
References:
https://usn.ubuntu.com/4574-1
CVE-2017-18367
Package Information:
https://launchpad.net/ubuntu/+source/golang-github-seccomp-libseccomp-golang/0.0~git20150813.0.1b506fc-2+deb9u1build0.16.04.1
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAl9+GWwACgkQdyg1Qz0o
XX2IZA//WH4qaB2NnK95gezSsodWn2nPTaiSyggRVXrdEWAB3wcHjGymX8w3e4l5
7EE+jFjYCkIOj9Ow8E/RV9IjEVamivGtyrrErVAchK/YPenkkrqYusATdewAmfVv
s8BGs8G7LfIwb1Bp1hxGVDo1f/iGo+SDQa+YVmti2Ufb2N1/T6k40hPGtGXgUHmD
49VANMb94/TLH9ot96zAMtxQH2pbIWPDuiW54EQOGTW49JEBseiX+W18XnOMa4ns
tqCQtaM9EfUaKdwrUhaRER6mLzvzuLkx9KksGnCNnuI2GOQ2kRlQHTVtE0N4qF3s
VyV+++IYy3FmWYP0fCCOqDHKOileYa2olzpMhT/Q3qEt4PrzI9jZpiGyXUwcJBTQ
kFajxau9pBWGeUh6F8iy12GyF5+zRtBHKe4obQFe/R5AjVHGfnqb03XVOcl56Rgt
OFBfywgIjTAzVsHDw11/ag3fuogjO9csVMoOCj6HYR2X0d6qzBiREk+eVZHLL9At
cQPWSxGyXjHXatDWVcbED9xGDgAjreyMlZHvtYQx/3QdgOKmDO5QVgAmmyVZsEW5
OWKZPv3Z+UgiXSRBHVmSQ/zxcIkrb54ID3fzCigac4XJl5H1Eb//0QrgBxKvWRuU
8cfOlVkV76tm/9wkB7e2b9mcwF/ERR/AMvmhJV67cKhWNIq37uI=
=fxyS
—–END PGP SIGNATURE—–
—