Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 923851 (CVE-2014-1745, CVE-2023-40414, CVE-2023-42833, CVE-2024-23206, CVE-2024-23213, CVE-2024-23222, WSA-2024-0001) - <net-libs/webkit-gtk-2.42.5: multiple vulnerabilities
Summary: <net-libs/webkit-gtk-2.42.5: multiple vulnerabilities
Status: CONFIRMED
Alias: CVE-2014-1745, CVE-2023-40414, CVE-2023-42833, CVE-2024-23206, CVE-2024-23213, CVE-2024-23222, WSA-2024-0001
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major with 1 vote (vote)
Assignee: Gentoo Security
URL: https://webkitgtk.org/security/WSA-20...
Whiteboard: A2 [glsa?]
Keywords:
Depends on: 928803
Blocks:
  Show dependency tree
 
Reported: 2024-02-05 23:39 UTC by Christopher Fore
Modified: 2024-04-17 05:53 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christopher Fore 2024-02-05 23:39:12 UTC 
CVE-2024-23222:

A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. 


CVE-2024-23206:

An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user. 


CVE-2024-23213:

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution. 


The above are fixed in 2.42.5


CVE-2023-40414:

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution. 


The above is fixed in 2.42.1


CVE-2023-42833:

A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. Processing web content may lead to arbitrary code execution. 


The above is fixed in 2.38.0


CVE-2014-1745:

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. 


The above is fixed in 2.42.0
Comment 1 Larry the Git Cow gentoo-dev 2024-04-16 17:31:03 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a6b6dc6b54341e720273ca212ba6abec25476845

commit a6b6dc6b54341e720273ca212ba6abec25476845
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2024-04-16 17:29:52 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2024-04-16 17:29:57 +0000

    net-libs/webkit-gtk: security cleanup
    
    Bug: https://bugs.gentoo.org/923851
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 net-libs/webkit-gtk/Manifest                      |   2 -
 net-libs/webkit-gtk/webkit-gtk-2.42.3-r410.ebuild | 266 ---------------------
 net-libs/webkit-gtk/webkit-gtk-2.42.3-r600.ebuild | 259 ---------------------
 net-libs/webkit-gtk/webkit-gtk-2.42.3.ebuild      | 256 --------------------
 net-libs/webkit-gtk/webkit-gtk-2.42.4-r410.ebuild | 270 ----------------------
 net-libs/webkit-gtk/webkit-gtk-2.42.4-r600.ebuild | 263 ---------------------
 net-libs/webkit-gtk/webkit-gtk-2.42.4.ebuild      | 260 ---------------------
 7 files changed, 1576 deletions(-)