Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 645686 (CVE-2017-13884, CVE-2017-13885, CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165, CVE-2018-4088, CVE-2018-4089, CVE-2018-4096)

Summary: <net-libs/webkit-gtk-2.18.6: multiple vulnerabilities
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: gnome
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://webkitgtk.org/security/WSA-2018-0002.html
Whiteboard: A2 [glsa+ cve]
Package list:
net-libs/webkit-gtk-2.18.6
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2018-01-25 13:49:01 UTC
Incoming details.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2018-01-25 13:52:13 UTC
Several vulnerabilities were discovered in WebKitGTK+.

CVE-2018-4088
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to Jeonghoon Shin of Theori.
    Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
    Description: Multiple memory corruption issues were addressed with improved memory handling.


CVE-2018-4089
    Versions affected: WebKitGTK+ before 2.18.4.
    Credit to Ivan Fratric of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
    Description: Multiple memory corruption issues were addressed with improved memory handling.


CVE-2018-4096
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to OSS-Fuzz.
    Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
    Description: Multiple memory corruption issues were addressed with improved memory handling.


CVE-2017-7153
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to Jerry Decime.
    Impact: Visiting a malicious website may lead to user interface spoofing.
    Description: Redirect responses to 401 Unauthorized may allow a malicious website to incorrectly display the lock icon on mixed content. This issue was addressed through improved URL display logic.


CVE-2017-7160
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to Richard Zhu (fluorescence) working with Trend Micro’s Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
    Description: Multiple memory corruption issues were addressed with improved memory handling.


CVE-2017-7161
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to Mitin Svyat.
    Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
    Description: A command injection issue existed in Web Inspector. This issue was addressed through improved escaping of special characters.


CVE-2017-7165
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to 360 Security working with Trend Micro’s Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
    Description: Multiple memory corruption issues were addressed with improved memory handling.


CVE-2017-13884
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to 360 Security working with Trend Micro’s Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
    Description: Multiple memory corruption issues were addressed with improved memory handling.


CVE-2017-13885
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to 360 Security working with Trend Micro’s Zero Day Initiative.
    Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
    Description: Multiple memory corruption issues were addressed with improved memory handling.
Comment 2 Larry the Git Cow gentoo-dev 2018-01-25 14:38:32 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2731d7a81444b0743caae7453e0c0e168005c828

commit 2731d7a81444b0743caae7453e0c0e168005c828
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2018-01-25 13:53:03 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2018-01-25 14:37:25 +0000

    net-libs/webkit-gtk: security bump to 2.18.6
    
    Bug: https://bugs.gentoo.org/645686
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 net-libs/webkit-gtk/Manifest                 |   1 +
 net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild | 284 +++++++++++++++++++++++++++
 2 files changed, 285 insertions(+)}
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-01-26 18:21:59 UTC
x86 stable
Comment 4 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2018-01-27 23:33:39 UTC
amd64 stable
Comment 5 Mart Raudsepp gentoo-dev 2018-01-28 01:48:01 UTC
Cleanup of SLOT=4 done. SLOT=2 and SLOT=3 cleanup is tracked in bug 577068 and not here, therefore cleanup for this bugs purposes all done, moving to "glsa?"
Comment 6 D'juan McDonald (domhnall) 2018-03-19 03:20:08 UTC
New GLSA request filed.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2018-03-22 00:31:57 UTC
This issue was resolved and addressed in
 GLSA 201803-11 at https://security.gentoo.org/glsa/201803-11
by GLSA coordinator Christopher Diaz Riveros (chrisadr).