==========================================================================
Ubuntu Security Notice USN-4001-2
May 30, 2019

libseccomp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM

Summary:

libseccomp could allow unintended access to system calls.

Software Description:
– libseccomp: library for working with the Linux seccomp filter

Details:

USN-4001-1 fixed a vulnerability in libseccomp. This update provides the
corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

Jann Horn discovered that libseccomp did not correctly generate 64-bit
syscall argument comparisons with arithmetic operators (LT, GT, LE, GE).
An attacker could use this to bypass intended access restrictions for
argument-filtered system calls.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
libseccomp2 2.4.1-0ubuntu0.14.04.2

This update uses a new upstream release which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-4001-2
https://usn.ubuntu.com/usn/usn-4001-1
CVE-2019-9893
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEETCDAa12L3miIVNKKUdvcWMxVlXMFAlzwYrcACgkQUdvcWMxV
lXOTSA//cbFjoJc7B2oemCZk4xvFBVsMKbfPDD/wx3ts5HV5q1AsrkoMLLtbeWpD
B4TB2lPztFAhVg/JoO344165x/g1HbA5EBu3An/2VuD7nWybKTkXSOkiQ1Amx1nw
Pxokqs4tTlKRt+wJylI9VSYb/w2jmEYimD9j7kCzKLFZt1d1O24qehRrr9i1Y8AS
smuUDFur2zsTTexVpxMvXqjE8ffPkyRgQ1Jod1mmejDqtiSPGD1ChOnFUBcQr8Kx
YADu4GSmSInMIkOCxpBhSHT2w448d8OhRli0uaxYuNtiancJp7QSgV9pnkWEndgT
2J2xls7woS7MGqT2vuohFI7lvNhkqcm6/4KkiQLRZRkrD0KOWXZWomQhHZwbCd5z
G8oD1hwwrwkhi5lszZAN1lRAmIVzJCQalK9VA5Hi5BlqBRx1sA1iMdn5LC0P1ugU
Te5nbxhCR+KtBAxTiXGaHJfdg3oFDJipSkVQBlldbm38/z+mf+fWGfK9MH6LXUjE
pEWQkplSJFpXaGonGiJgFRglvLMa4OF1DBxi7HzVVijKkIdnbr7WbLfP3kQLgH2p
is5k5iAvPb/nOQQKpVGebd+GbCMHYtvijK2oFqdvXhCNzgd0DbObdxc6/GcBrMIY
+tJVKKwBxwI9KkQoHqI6ADl4fVdaeB5NF7PZHtsV1ooGGF7RRQY=
=042H
—–END PGP SIGNATURE—–
—
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-4001-1
May 30, 2019

libseccomp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

libseccomp could allow unintended access to system calls.

Software Description:
– libseccomp: library for working with the Linux seccomp filter

Details:

Jann Horn discovered that libseccomp did not correctly generate 64-bit
syscall argument comparisons with arithmetic operators (LT, GT, LE, GE).
An attacker could use this to bypass intended access restrictions for
argument-filtered system calls.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
libseccomp2 2.4.1-0ubuntu0.19.04.3

Ubuntu 18.10:
libseccomp2 2.4.1-0ubuntu0.18.10.3

Ubuntu 18.04 LTS:
libseccomp2 2.4.1-0ubuntu0.18.04.2

Ubuntu 16.04 LTS:
libseccomp2 2.4.1-0ubuntu0.16.04.2

This update uses a new upstream release which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-4001-1
CVE-2019-9893

Package Information:
https://launchpad.net/ubuntu/+source/libseccomp/2.4.1-0ubuntu0.19.04.3
https://launchpad.net/ubuntu/+source/libseccomp/2.4.1-0ubuntu0.18.10.3
https://launchpad.net/ubuntu/+source/libseccomp/2.4.1-0ubuntu0.18.04.2
https://launchpad.net/ubuntu/+source/libseccomp/2.4.1-0ubuntu0.16.04.2
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEETCDAa12L3miIVNKKUdvcWMxVlXMFAlzwV7gACgkQUdvcWMxV
lXOWmQ/+PwiI+1ekambATevrREkvzyHAC8TVKBkINjArni2hFwWFf3n8LV5YgSn7
ahBdSItkEdQY/E1d6jrY3n3RnHV1TbiaganRmuui6hmqspq0vsCOpyywKzv/eL2Y
1dpEKg6yh6T9FqxWAkc2A8lQ7qj5LRKrOFG/yfF5hkVmI7ruv8vZDWPN4NGulPCS
RhMvhfCinyKeZGOTapW9VM8LtXPmac3SCBDW7eRrZDuXc1YWVdV7IO8CQYS1qN5b
c/1QSFJhyv+xHcXPzqGETVt1AnPssr1FEI260i9rhyfSyjs4ftIBal2yy31WTdDa
/JjBu3Eo9BNb2Zwob7epGz+Eg4oKXPrL0PywzCtDB/7y8LtvPDB4RN6VdzfjEuc+
rH2MZGVY4rKFc8gj6lAWcX3jmZdasa6E4d4z0Bmrpk6qfki44KznR8CoXRDoEYlK
eBsB2+d23b4z7X1+fWYoa6CqYQimrx9SAN4RBn9pM0pEkdlxGRtlK5KWjU2hBGDm
49rVb3d4s1hgupiei4NSg0lb1j0HNhYIbzprz+Yu/M+LWtiiu8Dn4piqw5Gsi/DP
CYcMwddK+KHeo5ZHOFVRJ/01YGFxkqoxQ0T4Ximurtb031m9xGRflj1KjJdoldSX
bryUgpBgDmZa7o6RKWcdcxUfc4dAR0otL7m/CTuMQHJvqH3mmus=
=EAm1
—–END PGP SIGNATURE—–
—