https://webkitgtk.org/security/WSA-2023-0009.html

CVE-2023-39928
Versions affected: WebKitGTK and WPE WebKit before 2.42.0.
Credit to Marcin ‘Icewall’ Noga of Cisco Talos.
A use-after-free vulnerability exists in the MediaRecorder API of the WebKit GStreamer-based ports (WebKitGTK and WPE WebKit). A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to visit a malicious webpage to trigger this vulnerability.
WebKit Bugzilla: 260649.

CVE-2023-35074
Versions affected: WebKitGTK and WPE WebKit before 2.40.0.
Credit to Abysslab Dong Jun Kim(@smlijun) and Jong Seong Kim(@nevul37).
Impact: Processing web content may lead to arbitrary code execution.
Description: The issue was addressed with improved memory handling.

CVE-2023-39434
Versions affected: WebKitGTK and WPE WebKit before 2.40.5.
Credit to Francisco Alonso (@revskills), and Dohyun Lee (@l33d0hyun) of PK Security.
Impact: Processing web content may lead to arbitrary code execution.
Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-40451
Versions affected: WebKitGTK and WPE WebKit before 2.40.5.
Credit to an anonymous researcher.
Impact: An attacker with JavaScript execution may be able to execute arbitrary code.
Description: This issue was addressed with improved iframe sandbox enforcement.

CVE-2023-41074
Versions affected: WebKitGTK and WPE WebKit before 2.42.0.
Credit to 이준성(Junsung Lee) of Cross Republic and me Li.
Impact: Processing web content may lead to arbitrary code execution.
Description: The issue was addressed with improved checks.

CVE-2023-41993
Versions affected: WebKitGTK and WPE WebKit before 2.42.1.
Credit to Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group.
Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: The issue was addressed with improved checks.
Another CVE fixed in 2.42.0 in WSA-2023-0012:

CVE-2023-42890
Versions affected: WebKitGTK and WPE WebKit before 2.42.0.
Credit to Pwn2car.
Impact: Processing web content may lead to arbitrary code execution.
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 259830
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=4a07754d6de45c14716438f4a3e32fda6124b30f

commit 4a07754d6de45c14716438f4a3e32fda6124b30f
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-01-31 14:29:39 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-01-31 14:30:12 +0000

    [ GLSA 202401-33 ] WebKitGTK+: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/915222
    Bug: https://bugs.gentoo.org/918667
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202401-33.xml | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)