what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2023-2834-01

Red Hat Security Advisory 2023-2834-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2834-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, information leakage, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-32886, CVE-2022-32888, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823, CVE-2022-42824, CVE-2022-42826, CVE-2022-42852, CVE-2022-42863, CVE-2022-42867, CVE-2022-46691, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699
SHA-256 | 6a679e9dc0d3212115b238f42e43baea6a5e8542be4f1c84823386414d8836cb

Red Hat Security Advisory 2023-2834-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: webkit2gtk3 security and bug fix update
Advisory ID: RHSA-2023:2834-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:2834
Issue date: 2023-05-16
CVE Names: CVE-2022-32886 CVE-2022-32888 CVE-2022-32923
CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
CVE-2022-42826 CVE-2022-42852 CVE-2022-42863
CVE-2022-42867 CVE-2022-46691 CVE-2022-46692
CVE-2022-46698 CVE-2022-46699 CVE-2022-46700
CVE-2023-23517 CVE-2023-23518 CVE-2023-25358
CVE-2023-25360 CVE-2023-25361 CVE-2023-25362
CVE-2023-25363
====================================================================
1. Summary:

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.

Security Fix(es):

* webkitgtk: use-after-free issue leading to arbitrary code execution
(CVE-2022-42826)

* webkitgtk: memory corruption issue leading to arbitrary code execution
(CVE-2023-23517)

* webkitgtk: memory corruption issue leading to arbitrary code execution
(CVE-2023-23518)

* webkitgtk: buffer overflow issue was addressed with improved memory
handling (CVE-2022-32886)

* webkitgtk: out-of-bounds write issue was addressed with improved bounds
checking (CVE-2022-32888)

* webkitgtk: correctness issue in the JIT was addressed with improved
checks (CVE-2022-32923)

* webkitgtk: issue was addressed with improved UI handling (CVE-2022-42799)

* webkitgtk: type confusion issue leading to arbitrary code execution
(CVE-2022-42823)

* webkitgtk: sensitive information disclosure issue (CVE-2022-42824)

* webkitgtk: memory disclosure issue was addressed with improved memory
handling (CVE-2022-42852)

* webkitgtk: memory corruption issue leading to arbitrary code execution
(CVE-2022-42863)

* webkitgtk: use-after-free issue leading to arbitrary code execution
(CVE-2022-42867)

* webkitgtk: memory corruption issue leading to arbitrary code execution
(CVE-2022-46691)

* webkitgtk: Same Origin Policy bypass issue (CVE-2022-46692)

* webkitgtk: logic issue leading to user information disclosure
(CVE-2022-46698)

* webkitgtk: memory corruption issue leading to arbitrary code execution
(CVE-2022-46699)

* webkitgtk: memory corruption issue leading to arbitrary code execution
(CVE-2022-46700)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()
(CVE-2023-25358)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()
(CVE-2023-25360)

* webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()
(CVE-2023-25361)

* webkitgtk: heap-use-after-free in
WebCore::RenderLayer::repaintBlockSelectionGaps() (CVE-2023-25362)

* webkitgtk: heap-use-after-free in
WebCore::RenderLayer::updateDescendantDependentFlags() (CVE-2023-25363)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2127468 - Upgrade WebKitGTK for RHEL 8.8
2128643 - CVE-2022-32886 webkitgtk: buffer overflow issue was addressed with improved memory handling
2140501 - CVE-2022-32888 webkitgtk: out-of-bounds write issue was addressed with improved bounds checking
2140502 - CVE-2022-32923 webkitgtk: correctness issue in the JIT was addressed with improved checks
2140503 - CVE-2022-42799 webkitgtk: issue was addressed with improved UI handling
2140504 - CVE-2022-42824 webkitgtk: sensitive information disclosure issue
2140505 - CVE-2022-42823 webkitgtk: type confusion issue leading to arbitrary code execution
2150970 - Can't create Google account
2156986 - CVE-2022-42852 webkitgtk: memory disclosure issue was addressed with improved memory handling
2156987 - CVE-2022-42863 webkitgtk: memory corruption issue leading to arbitrary code execution
2156989 - CVE-2022-42867 webkitgtk: use-after-free issue leading to arbitrary code execution
2156990 - CVE-2022-46691 webkitgtk: memory corruption issue leading to arbitrary code execution
2156991 - CVE-2022-46692 webkitgtk: Same Origin Policy bypass issue
2156992 - CVE-2022-46698 webkitgtk: logic issue leading to user information disclosure
2156993 - CVE-2022-46699 webkitgtk: memory corruption issue leading to arbitrary code execution
2156994 - CVE-2022-46700 webkitgtk: memory corruption issue leading to arbitrary code execution
2167715 - CVE-2023-23518 webkitgtk: memory corruption issue leading to arbitrary code execution
2167716 - CVE-2022-42826 webkitgtk: use-after-free issue leading to arbitrary code execution
2167717 - CVE-2023-23517 webkitgtk: memory corruption issue leading to arbitrary code execution
2175099 - CVE-2023-25358 webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()
2175101 - CVE-2023-25360 webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()
2175103 - CVE-2023-25361 webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()
2175105 - CVE-2023-25362 webkitgtk: heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps()
2175107 - CVE-2023-25363 webkitgtk: heap-use-after-free in WebCore::RenderLayer::updateDescendantDependentFlags()

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
webkit2gtk3-2.38.5-1.el8.src.rpm

aarch64:
webkit2gtk3-2.38.5-1.el8.aarch64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el8.aarch64.rpm
webkit2gtk3-debugsource-2.38.5-1.el8.aarch64.rpm
webkit2gtk3-devel-2.38.5-1.el8.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.aarch64.rpm
webkit2gtk3-jsc-2.38.5-1.el8.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.aarch64.rpm

ppc64le:
webkit2gtk3-2.38.5-1.el8.ppc64le.rpm
webkit2gtk3-debuginfo-2.38.5-1.el8.ppc64le.rpm
webkit2gtk3-debugsource-2.38.5-1.el8.ppc64le.rpm
webkit2gtk3-devel-2.38.5-1.el8.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.ppc64le.rpm
webkit2gtk3-jsc-2.38.5-1.el8.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.ppc64le.rpm

s390x:
webkit2gtk3-2.38.5-1.el8.s390x.rpm
webkit2gtk3-debuginfo-2.38.5-1.el8.s390x.rpm
webkit2gtk3-debugsource-2.38.5-1.el8.s390x.rpm
webkit2gtk3-devel-2.38.5-1.el8.s390x.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.s390x.rpm
webkit2gtk3-jsc-2.38.5-1.el8.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.s390x.rpm

x86_64:
webkit2gtk3-2.38.5-1.el8.i686.rpm
webkit2gtk3-2.38.5-1.el8.x86_64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el8.i686.rpm
webkit2gtk3-debuginfo-2.38.5-1.el8.x86_64.rpm
webkit2gtk3-debugsource-2.38.5-1.el8.i686.rpm
webkit2gtk3-debugsource-2.38.5-1.el8.x86_64.rpm
webkit2gtk3-devel-2.38.5-1.el8.i686.rpm
webkit2gtk3-devel-2.38.5-1.el8.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.i686.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el8.x86_64.rpm
webkit2gtk3-jsc-2.38.5-1.el8.i686.rpm
webkit2gtk3-jsc-2.38.5-1.el8.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.i686.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el8.i686.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-32886
https://access.redhat.com/security/cve/CVE-2022-32888
https://access.redhat.com/security/cve/CVE-2022-32923
https://access.redhat.com/security/cve/CVE-2022-42799
https://access.redhat.com/security/cve/CVE-2022-42823
https://access.redhat.com/security/cve/CVE-2022-42824
https://access.redhat.com/security/cve/CVE-2022-42826
https://access.redhat.com/security/cve/CVE-2022-42852
https://access.redhat.com/security/cve/CVE-2022-42863
https://access.redhat.com/security/cve/CVE-2022-42867
https://access.redhat.com/security/cve/CVE-2022-46691
https://access.redhat.com/security/cve/CVE-2022-46692
https://access.redhat.com/security/cve/CVE-2022-46698
https://access.redhat.com/security/cve/CVE-2022-46699
https://access.redhat.com/security/cve/CVE-2022-46700
https://access.redhat.com/security/cve/CVE-2023-23517
https://access.redhat.com/security/cve/CVE-2023-23518
https://access.redhat.com/security/cve/CVE-2023-25358
https://access.redhat.com/security/cve/CVE-2023-25360
https://access.redhat.com/security/cve/CVE-2023-25361
https://access.redhat.com/security/cve/CVE-2023-25362
https://access.redhat.com/security/cve/CVE-2023-25363
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBZGNwwdzjgjWX9erEAQi3tBAAjImojT9z/AQ07EueAkwPWY9qnR++Q8+p
CVRVlNDkP/wfqxA1GthBBKCrholfiWqbk4HWgyoZCN/WaSD0T1I2asc/Y4bbBoc8
U1+0blOxRvZrSKQin22U/XW2wS8xYqBQLRuokwB0VSYhG5H2Q+zVqMp1AncKmTFb
hS9WLdX4e4JDp+WLgvSmr3uDSnAjp67oXdjxtPhE1Buf/MU8GpHfvmQPAFe50HAm
kf50Zf8dQK2XgRgefNBKgNM/xXPOQI+dozNwyNV+XZxOlIQX5N+wyuRVsIWOrOPu
KJkSSugX+FuVAYdNBY0sRxT5kmPao4jUqPPZ8gsHlySCOpRj18IAnuQwEfHoxZKf
xbTlGkhHjqfsCm7M4s/iDuJPd1tiXAJCbxZpPqP5ky6n0qTAq3O65fwFHgp/uGZp
8nmvkD3nuZhEk2GcCkAxUkIqpaYvLqHUX+sH7ujQ0tZNONOYTEVNsMQmCZqNkSVv
CdAnDx4iwR2KtLKamRo5EIVA72lksLTNVz7dFZy497CMcapX5yR7E1c2ht11vQS0
U0tYmvklWwTxqV9QGHnXblEWki631sOfO+Ku87INm5E75RGpzT8lc9LxHgwn4rV5
KQ7/AGQWND349MlDqM6WP/B3JHzxSH/S3uMIlUvcNjqYwqSjv8sjU96SiZaEAtRp
TrPuMTnh/ro=FlQx
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close