Bug 941276 (CVE-2024-40857, CVE-2024-40866, CVE-2024-44185, CVE-2024-44187, CVE-2024-44244, CVE-2024-44296) - <net-libs/webkit-gtk-2.46.5{,-r410,-r600}: multiple vulnerabilities
Summary: <net-libs/webkit-gtk-2.46.5{,-r410,-r600}: multiple vulnerabilities
Status: CONFIRMED
Alias: CVE-2024-40857, CVE-2024-40866, CVE-2024-44185, CVE-2024-44187, CVE-2024-44244, CVE-2024-44296
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://webkitgtk.org/security/WSA-20...
Whiteboard: A4 [glsa? stable]
Keywords:
Depends on: 943636 941277
Blocks:
Reported: 2024-10-11 13:23 UTC by Michael Orlitzky
Modified: 2025-01-07 07:29 UTC

See Also:
Package list:
Runtime testing required: ---


Description Michael Orlitzky gentoo-dev 2024-10-11 13:23:36 UTC
CVE-2024-40857
    Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
    Credit to Ron Masas.
    Impact: Processing maliciously crafted web content may lead to
    universal cross site scripting. Description: This issue was
    addressed through improved state management.
    WebKit Bugzilla: 268724

CVE-2024-40866
    Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
    Credit to Hafiizh and YoKo Kho (@yokoacc) of HakTrak.
    Impact: Visiting a malicious website may lead to address bar
    spoofing. Description: The issue was addressed with improved UI.
    WebKit Bugzilla: 279451

CVE-2024-44187
    Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
    Credit to Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd,
    Pune (India).
    Impact: A malicious website may exfiltrate data cross-origin.
    Description: A cross-origin issue existed with "iframe" elements.
    This was addressed with improved tracking of security origins.
    WebKit Bugzilla: 279452
Comment 1 Michael Orlitzky gentoo-dev 2024-10-31 18:52:13 UTC
https://webkitgtk.org/security/WSA-2024-0006.html

* CVE-2024-44185
  Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
  Credit to Gary Kwong.
  Impact: Processing maliciously crafted web content may lead to an unexpected
  process crash. Description: The issue was addressed with improved checks.
  WebKit Bugzilla: 276097

* CVE-2024-44244
  Versions affected: WebKitGTK and WPE WebKit before 2.46.3.
  Credit to an anonymous researcher, Q1IQ (@q1iqF) and P1umer (@p1umer).
  Impact: Processing maliciously crafted web content may lead to an unexpected
  process crash. Description: A memory corruption issue was addressed with
  improved input validation.
  WebKit Bugzilla: 279780


* CVE-2024-44296
  Versions affected: WebKitGTK and WPE WebKit before 2.46.3.
  Credit to Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India).
  Impact: Processing maliciously crafted web content may prevent Content Security Policy from
  being enforced. Description: The issue was addressed with improved checks.
  WebKit Bugzilla: 278765
Comment 2 Michael Orlitzky gentoo-dev 2024-12-03 14:33:55 UTC
CVE-2024-44308
  * Versions affected: WebKitGTK and WPE WebKit before 2.46.4.
  * Credit to Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group.
  * Impact: Processing maliciously crafted web content may lead to arbitrary
    code execution. Apple is aware of a report that this issue may have been
    actively exploited on Intel-based Mac systems. Description: The issue was
    addressed with improved checks.
  * WebKit Bugzilla: 283063

CVE-2024-44309
  * Versions affected: WebKitGTK and WPE WebKit before 2.46.4.
  * Credit to Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group.
  * Impact: Processing maliciously crafted web content may lead to a cross site
    scripting attack. Apple is aware of a report that this issue may have been
    actively exploited on Intel-based Mac systems. Description: A cookie
    management issue was addressed with improved state management.
  * WebKit Bugzilla: 283095
Comment 3 Michael Orlitzky gentoo-dev 2024-12-23 00:07:40 UTC
* CVE-2024-54479
  Versions affected: WebKitGTK and WPE WebKit before 2.46.5.
  Credit to Seunghyun Lee.
  Impact: Processing maliciously crafted web content may lead to an unexpected
  process crash. Description: The issue was addressed with improved checks.
  WebKit Bugzilla: 278497

* CVE-2024-54502
  Versions affected: WebKitGTK and WPE WebKit before 2.46.5.
  Credit to Brendon Tiszka of Google Project Zero.
  Impact: Processing maliciously crafted web content may lead to an unexpected
  process crash. Description: The issue was addressed with improved checks.
  WebKit Bugzilla: 281912

* CVE-2024-54505
  Versions affected: WebKitGTK and WPE WebKit before 2.46.5.
  Credit to Gary Kwong.
  Impact: Processing maliciously crafted web content may lead to memory corruption.
  Description: A type confusion issue was addressed with improved memory handling.
  WebKit Bugzilla: 282661

* CVE-2024-54508
  Versions affected: WebKitGTK and WPE WebKit before 2.46.5.
  Credit to linjy of HKUS3Lab and chluo of WHUSecLab, Xiangwei Zhang of Tencent
  Security YUNDING LAB.
  Impact: Processing maliciously crafted web content may lead to an unexpected
  process crash. Description: The issue was addressed with improved memory
  handling.
  WebKit Bugzilla: 282180

* CVE-2024-54534
  Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
  Credit to Tashita Software Security.
  Impact: Processing maliciously crafted web content may lead to memory corruption.
  Description: The issue was addressed with improved memory handling.
  WebKit Bugzilla: 277967