Test ID:	1.3.6.1.4.1.25623.1.1.4.2019.2941.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2019:2941-1)
Summary:	The remote host is missing an update for the 'libseccomp' package(s) announced via the SUSE-SU-2019:2941-1 advisory.
Description:	Summary: The remote host is missing an update for the 'libseccomp' package(s) announced via the SUSE-SU-2019:2941-1 advisory. Vulnerability Insight: This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: * Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0 (bsc#1128828 CVE-2019-9893): * Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS action * Added support for the SCMP_ACT_LOG action and SCMP_FLTATR_CTL_LOG attribute * Added explicit 32-bit (SCMP_AX_32(...)) and 64-bit (SCMP_AX_64(...)) argument comparison macros to help protect against unexpected sign extension * Added support for the parisc and parisc64 architectures * Added the ability to query and set the libseccomp API level via seccomp_api_get(3) and seccomp_api_set(3) * Return -EDOM on an endian mismatch when adding an architecture to a filter * Renumber the pseudo syscall number for subpage_prot() so it no longer conflicts with spu_run() * Fix PFC generation when a syscall is prioritized, but no rule exists * Numerous fixes to the seccomp-bpf filter generation code * Switch our internal hashing function to jhash/Lookup3 to MurmurHash3 * Numerous tests added to the included test suite, coverage now at ~ 92% * Update our Travis CI configuration to use Ubuntu 16.04 * Numerous documentation fixes and updates Update to release 2.3.3: * Updated the syscall table for Linux v4.15-rc7 Update to release 2.3.2: * Achieved full compliance with the CII Best Practices program * Added Travis CI builds to the GitHub repository * Added code coverage reporting with the '--enable-code-coverage' configure flag and added Coveralls to the GitHub repository * Updated the syscall tables to match Linux v4.10-rc6+ * Support for building with Python v3.x * Allow rules with the -1 syscall if the SCMP\_FLTATR\_API\_TSKIP attribute is set to true * Several small documentation fixes - ignore make check error for ppc64/ppc64le, bypass bsc#1142614 Affected Software/OS: 'libseccomp' package(s) on SUSE Linux Enterprise Desktop 12-SP4, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP Applications 12-SP2, SUSE Linux Enterprise Server for SAP Applications 12-SP3, SUSE Linux Enterprise Server for SAP Applications 12-SP4, SUSE Linux Enterprise Server for SAP Applications 12-SP5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-9893 https://security.gentoo.org/glsa/201904-18 https://github.com/seccomp/libseccomp/issues/139 https://seclists.org/oss-sec/2019/q1/179 RedHat Security Advisories: RHSA-2019:3624 https://access.redhat.com/errata/RHSA-2019:3624 SuSE Security Announcement: openSUSE-SU-2019:2280 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00027.html SuSE Security Announcement: openSUSE-SU-2019:2283 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00022.html https://usn.ubuntu.com/4001-1/ https://usn.ubuntu.com/4001-2/
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.