[wpe-webkit] WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003
Carlos Alberto Lopez Perez
clopez at igalia.com
Fri Apr 21 07:34:17 PDT 2023
------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003
------------------------------------------------------------------------
Date reported : April 21, 2023
Advisory ID : WSA-2023-0003
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2023-0003.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2023-0003.html
CVE identifiers : CVE-2023-25358, CVE-2022-0108, CVE-2022-32885,
CVE-2023-27932, CVE-2023-27954,
CVE-2023-28205.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2023-25358
Versions affected: WebKitGTK and WPE WebKit before 2.36.8.
Credit to Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher
lab.
A use-after-free vulnerability exists in WebCore::RenderLayer. This
issue allows remote attackers to execute arbitrary code or cause a
denial of service (memory corruption and application crash) via a
crafted web site. This is the same issue than CVE-2023-25360,
CVE-2023-25361, CVE-2023-25362 and CVE-2023-25363.
CVE-2022-0108
Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40
branch before 2.40.1.
Credit to Luan Herrera (@lbherrera_).
Impact: An HTML document may be able to render iframes with
sensitive user information. Description: This issue was addressed
with improved iframe sandbox enforcement.
CVE-2022-32885
Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40
branch before 2.40.1.
Credit to P1umer(@p1umer) and Q1IQ(@q1iqF).
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: A memory corruption issue was
addressed with improved validation.
CVE-2023-27932
Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40
branch before 2.40.1.
Credit to an anonymous researcher.
Impact: Processing maliciously crafted web content may bypass Same
Origin Policy. Description: This issue was addressed with improved
state management.
CVE-2023-27954
Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40
branch before 2.40.1.
Credit to an anonymous researcher.
Impact: A website may be able to track sensitive user information.
Description: The issue was addressed by removing origin information.
CVE-2023-28205
Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40
branch before 2.40.1.
Credit to Clément Lecigne of Google's Threat Analysis Group and
Donncha Ó Cearbhaill of Amnesty International’s Security Lab.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited. Description: A use after free
issue was addressed with improved memory management.
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK and WPE WebKit team,
April 21, 2023
More information about the webkit-wpe
mailing list