Access Control Bypass Affecting github.com/seccomp/libseccomp-golang Open this link in a new tab package, versions <0.9.1
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
25 Apr 2019
24 Apr 2019
How to fix?
github.com/seccomp/libseccomp-golang to version 0.9.1 or higher.
Affected versions of this package are vulnerable to Access Control Bypass. Earlier versions of libseccomp-golang incorrectly generates BPFs using
OR boolean logic instead of AND. Due to this flaw, a process running under a restrictive
seccomp filter that specified multiple
syscall arguments could bypass intended access restrictions by specifying a single matching argument. Multiple
syscall argument rules should be matched with