 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.852818 |
| Category: | SuSE Local Security Checks |
| Title: | openSUSE: Security Advisory for libseccomp (openSUSE-SU-2019:2283-1) |
| Summary: | The remote host is missing an update for the 'libseccomp'; package(s) announced via the openSUSE-SU-2019:2283-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'libseccomp' package(s) announced via the openSUSE-SU-2019:2283-1 advisory. Vulnerability Insight: This update for libseccomp fixes the following issues: Security issues fixed: - CVE-2019-9893: An incorrect generation of syscall filters in libseccomp was fixed (bsc#1128828) libseccomp was updated to new upstream release 2.4.1: - Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. libseccomp was updated to 2.4.0 (bsc#1128828 CVE-2019-9893): - Update the syscall table for Linux v5.0-rc5 - Added support for the SCMP_ACT_KILL_PROCESS action - Added support for the SCMP_ACT_LOG action and SCMP_FLTATR_CTL_LOG attribute - Added explicit 32-bit (SCMP_AX_32(...)) and 64-bit (SCMP_AX_64(...)) argument comparison macros to help protect against unexpected sign extension - Added support for the parisc and parisc64 architectures - Added the ability to query and set the libseccomp API level via seccomp_api_get(3) and seccomp_api_set(3) - Return -EDOM on an endian mismatch when adding an architecture to a filter - Renumber the pseudo syscall number for subpage_prot() so it no longer conflicts with spu_run() - Fix PFC generation when a syscall is prioritized, but no rule exists - Numerous fixes to the seccomp-bpf filter generation code - Switch our internal hashing function to jhash/Lookup3 to MurmurHash3 - Numerous tests added to the included test suite, coverage now at ~ 92% - Update our Travis CI configuration to use Ubuntu 16.04 - Numerous documentation fixes and updates libseccomp was updated to release 2.3.3: - Updated the syscall table for Linux v4.15-rc7 This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-2283=1 Affected Software/OS: 'libseccomp' package(s) on openSUSE Leap 15.1. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-9893 https://security.gentoo.org/glsa/201904-18 https://github.com/seccomp/libseccomp/issues/139 https://seclists.org/oss-sec/2019/q1/179 RedHat Security Advisories: RHSA-2019:3624 https://access.redhat.com/errata/RHSA-2019:3624 SuSE Security Announcement: openSUSE-SU-2019:2280 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html SuSE Security Announcement: openSUSE-SU-2019:2283 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html https://usn.ubuntu.com/4001-1/ https://usn.ubuntu.com/4001-2/ |
| Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |