| module: github.com/seccomp/libseccomp-golang |
| versions: |
| - fixed: v0.9.1-0.20170424173420-06e7a29f36a3 |
| description: | |
| Filters containing rules with multiple syscall arguments are improperly |
| constructed, such that all arguments are required to match rather than |
| any of the arguments (AND is used rather than OR). These filters can be |
| bypassed by only specifying a subset of the arguments due to this |
| behavior. |
| published: 2021-04-14T12:00:00Z |
| cve: CVE-2017-18367 |
| credit: "@ihac" |
| symbols: |
| - ScmpFilter.addRuleGeneric |
| links: |
| commit: https://github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e |