Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 837305 (CVE-2022-22624, CVE-2022-22628, CVE-2022-22629, CVE-2022-22662)

Summary: <net-libs/webkit-gtk-2.36.0: multiple vulnerabilities
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://webkitgtk.org/security/WSA-2022-0004.html
Whiteboard: A2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 842435    
Bug Blocks:    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-08 17:35:27 UTC
CVE-2022-22624
    Versions affected: WebKitGTK before 2.36.0 and WPE WebKit before 2.34.7
    Credit to Kirin (@Pwnrin) of Tencent Security Xuanwu Lab.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: A use after free issue was
    addressed with improved memory management.

CVE-2022-22628
    Versions affected: WebKitGTK before 2.36.0 and WPE WebKit before 2.34.7
    Credit to Kirin (@Pwnrin) of Tencent Security Xuanwu Lab.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: A use after free issue was
    addressed with improved memory management.

CVE-2022-22629
    Versions affected: WebKitGTK before 2.36.0 and WPE WebKit before 2.34.7
    Credit to Jeonghoon Shin at Theori working with Trend Micro Zero Day
    Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: A buffer overflow issue was
    addressed with improved memory handling.


Please bump to 2.36.0. Doesn't seem that 2.34.7 is released yet.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-08 17:37:59 UTC
(In reply to John Helmert III from comment #0)
> CVE-2022-22624
>     Versions affected: WebKitGTK before 2.36.0 and WPE WebKit before 2.34.7
>     Credit to Kirin (@Pwnrin) of Tencent Security Xuanwu Lab.
>     Impact: Processing maliciously crafted web content may lead to
>     arbitrary code execution. Description: A use after free issue was
>     addressed with improved memory management.
> 
> CVE-2022-22628
>     Versions affected: WebKitGTK before 2.36.0 and WPE WebKit before 2.34.7
>     Credit to Kirin (@Pwnrin) of Tencent Security Xuanwu Lab.
>     Impact: Processing maliciously crafted web content may lead to
>     arbitrary code execution. Description: A use after free issue was
>     addressed with improved memory management.
> 
> CVE-2022-22629
>     Versions affected: WebKitGTK before 2.36.0 and WPE WebKit before 2.34.7
>     Credit to Jeonghoon Shin at Theori working with Trend Micro Zero Day
>     Initiative.
>     Impact: Processing maliciously crafted web content may lead to
>     arbitrary code execution. Description: A buffer overflow issue was
>     addressed with improved memory handling.
> 
> 
> Please bump to 2.36.0. Doesn't seem that 2.34.7 is released yet.

Sorry, 2.34.7 is referring only to WPE WebKit.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-08 18:04:58 UTC
.. and 2.36.0 has been in tree a while. So please stable 2.36.0-r1 when ready.
Comment 3 Larry the Git Cow gentoo-dev 2022-05-13 12:27:51 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8412706635b0aad1ab6affda4f37fdcc0d139d10

commit 8412706635b0aad1ab6affda4f37fdcc0d139d10
Author:     Matt Turner <mattst88@gentoo.org>
AuthorDate: 2022-05-13 12:24:29 +0000
Commit:     Matt Turner <mattst88@gentoo.org>
CommitDate: 2022-05-13 12:25:47 +0000

    net-libs/webkit-gtk: Drop old versions
    
    Bug: https://bugs.gentoo.org/837305
    Bug: https://bugs.gentoo.org/839984
    Signed-off-by: Matt Turner <mattst88@gentoo.org>

 net-libs/webkit-gtk/Manifest                       |   2 -
 net-libs/webkit-gtk/files/2.34.3-jumbo-fix.patch   |  70 ------
 .../webkit-gtk/files/2.34.3-non-jumbo-fix.patch    |  31 ---
 net-libs/webkit-gtk/webkit-gtk-2.34.6.ebuild       | 272 ---------------------
 net-libs/webkit-gtk/webkit-gtk-2.36.0-r1.ebuild    | 250 -------------------
 5 files changed, 625 deletions(-)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-05-14 01:53:50 UTC
Thanks!
Comment 5 Larry the Git Cow gentoo-dev 2022-08-31 23:57:19 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=1d278bb93fbf8fdb34ef9c125c5f4536e11c15d7

commit 1d278bb93fbf8fdb34ef9c125c5f4536e11c15d7
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-31 23:54:04 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-08-31 23:56:59 +0000

    [ GLSA 202208-39 ] WebKitGTK+: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/832990
    Bug: https://bugs.gentoo.org/833568
    Bug: https://bugs.gentoo.org/837305
    Bug: https://bugs.gentoo.org/839984
    Bug: https://bugs.gentoo.org/845252
    Bug: https://bugs.gentoo.org/856445
    Bug: https://bugs.gentoo.org/861740
    Bug: https://bugs.gentoo.org/864427
    Bug: https://bugs.gentoo.org/866494
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202208-39.xml | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)