813489 – (CVE-2021-30809, CVE-2021-30836, CVE-2021-30858, CVE-2021-45482, WSA-2021-0005) <net-libs/webkit-gtk-2.32.4: remote code execution

Bug 813489 (CVE-2021-30809, CVE-2021-30836, CVE-2021-30858, CVE-2021-45482, WSA-2021-0005) - <net-libs/webkit-gtk-2.32.4: remote code execution

Summary: <net-libs/webkit-gtk-2.32.4: remote code execution

Status:	RESOLVED FIXED

Alias:	CVE-2021-30809, CVE-2021-30836, CVE-2021-30858, CVE-2021-45482, WSA-2021-0005

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:	https://mail.gnome.org/archives/gnome...
Whiteboard:	A2 [glsa+]
Keywords:

Depends on:
Blocks:

Reported:	2021-09-17 21:25 UTC by John Helmert III
Modified:	2022-02-01 03:39 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2021-09-17 21:25:51 UTC

From URL:

"Fix several crashes and rendering issues."

Please bump.

Comment 1 Larry the Git Cow gentoo-dev

2021-09-18 15:24:41 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=abde07959df441fb48875abfb78b8277efe2d31f

commit abde07959df441fb48875abfb78b8277efe2d31f
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2021-09-18 14:12:24 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2021-09-18 15:23:14 +0000

    net-libs/webkit-gtk: bump to 2.32.4
    
    Bug: https://bugs.gentoo.org/813489
    Package-Manager: Portage-3.0.20, Repoman-3.0.2
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 net-libs/webkit-gtk/Manifest                 |   1 +
 net-libs/webkit-gtk/webkit-gtk-2.32.4.ebuild | 300 +++++++++++++++++++++++++++
 2 files changed, 301 insertions(+)

Comment 2 John Helmert III archtester

2021-09-18 15:29:01 UTC

Thanks leio!

Comment 3 John Helmert III archtester

2021-10-07 14:26:33 UTC

Please cleanup

Comment 4 Larry the Git Cow gentoo-dev

2021-10-09 10:17:28 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=92f9219e6d599be43705104cd0ec092a8baae2fa

commit 92f9219e6d599be43705104cd0ec092a8baae2fa
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2021-10-09 10:16:38 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2021-10-09 10:16:38 +0000

    net-libs/webkit-gtk: security cleanup
    
    Bug: https://bugs.gentoo.org/813489
    Package-Manager: Portage-3.0.20, Repoman-3.0.2
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 net-libs/webkit-gtk/Manifest                 |   1 -
 net-libs/webkit-gtk/webkit-gtk-2.32.3.ebuild | 300 ---------------------------
 2 files changed, 301 deletions(-)

Comment 5 John Helmert III archtester

2021-12-20 19:55:26 UTC

More from https://webkitgtk.org/security/WSA-2021-0007.html:

CVE-2021-30809
    Versions affected: WebKitGTK and WPE WebKit before 2.32.4.
    Credit to an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: A use after free issue was
    addressed with improved memory management.

CVE-2021-30836
    Versions affected: WebKitGTK and WPE WebKit before 2.32.4.
    Credit to Peter Nguyen Vu Hoang of STAR Labs.
    Impact: Processing a maliciously crafted audio file may disclose
    restricted memory. Description: An out-of-bounds read was addressed
    with improved input validation.

Comment 6 Mart Raudsepp gentoo-dev

2022-01-04 13:10:42 UTC

I don't see any blockers here with 2.32.4 stable for like 3 months by now.

Comment 7 John Helmert III archtester

2022-02-01 03:39:30 UTC

commit d2418b0a913a694a55e21440268b44301931867c
Author: John Helmert III <ajak@gentoo.org>
Date:   Mon Jan 31 21:31:04 2022 -0600

    [ GLSA 202202-01 ] WebkitGTK+: Multiple vulnerabilities

    Signed-off-by: John Helmert III <ajak@gentoo.org>

All done!