RSS   Podatności dla 'Libseccomp-golang'   RSS

2019-04-24
 
CVE-2017-18367

CWE-20
 

 
libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument.

 


Copyright 2024, cxsecurity.com

 

Back to Top