CVE-2024-23222: A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. CVE-2024-23206: An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user. CVE-2024-23213: The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution. The above are fixed in 2.42.5 CVE-2023-40414: A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution. The above is fixed in 2.42.1 CVE-2023-42833: A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. Processing web content may lead to arbitrary code execution. The above is fixed in 2.38.0 CVE-2014-1745: Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. The above is fixed in 2.42.0
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a6b6dc6b54341e720273ca212ba6abec25476845 commit a6b6dc6b54341e720273ca212ba6abec25476845 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2024-04-16 17:29:52 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2024-04-16 17:29:57 +0000 net-libs/webkit-gtk: security cleanup Bug: https://bugs.gentoo.org/923851 Signed-off-by: Mart Raudsepp <leio@gentoo.org> net-libs/webkit-gtk/Manifest | 2 - net-libs/webkit-gtk/webkit-gtk-2.42.3-r410.ebuild | 266 --------------------- net-libs/webkit-gtk/webkit-gtk-2.42.3-r600.ebuild | 259 --------------------- net-libs/webkit-gtk/webkit-gtk-2.42.3.ebuild | 256 -------------------- net-libs/webkit-gtk/webkit-gtk-2.42.4-r410.ebuild | 270 ---------------------- net-libs/webkit-gtk/webkit-gtk-2.42.4-r600.ebuild | 263 --------------------- net-libs/webkit-gtk/webkit-gtk-2.42.4.ebuild | 260 --------------------- 7 files changed, 1576 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=6c98e30895374eb197e0bbe54787501361bbc96b commit 6c98e30895374eb197e0bbe54787501361bbc96b Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-07-05 07:33:55 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-07-05 07:34:34 +0000 [ GLSA 202407-13 ] WebKitGTK+: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/923851 Bug: https://bugs.gentoo.org/930116 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202407-13.xml | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+)