libseccomp 64-bit Argument Comparisons Privilege Escalation Vulnerability [CVE-2019-9893]

CVE Number – CVE-2019-9893

A vulnerability in the generation of 64-bit syscall argument comparisons in libseccomp could allow an unauthenticated, remote attacker to bypass restrictions and gain elevated privileges on a targeted system.The vulnerability exists because the affected software miscalculates the generated 64-bit syscall argument comparisons when using certain arithmetic operations. An attacker could exploit this vulnerability by initiating this comparison on a targeted system. A successful exploit could allow the attacker to bypass certain restrictions and elevate their privileges on the system.The libseccomp Project has confirmed this vulnerability and released software updates.

Analysis

• To exploit this vulnerability, an attacker must have network access and know how to generate 64-bit syscall arguments. These requirements could reduce the likelihood of a successful exploit.
  

Safeguards

• Administrators are advised to apply the appropriate updates.Administrators are advised to allow only trusted users to have network access.Administrators are advised to run both firewall and antivirus applications to minimize the potential of inbound and outbound threats.Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.Administrators can help protect affected systems from external attacks by using a solid firewall strategy.Administrators are advised to monitor affected systems.

Vendor Announcements

• The libseccomp Project has released a security issue at the following link: Issue 139
  

Fixed Software

• The libseccomp Project has released an update at the following link: libseccomp v2.4.0