|
Message-ID: <20240925172049.GB1308139@igalia.com>
Date: Wed, 25 Sep 2024 17:20:49 +0300
From: Adrian Perez de Castro <aperez@...lia.com>
To: webkit-gtk@...ts.webkit.org, webkit-wpe@...ts.webkit.org
Cc: security@...kit.org, oss-security@...ts.openwall.com
Subject: WebKitGTK and WPE WebKit Security Advisory WSA-2024-0005
------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2024-0005
------------------------------------------------------------------------
Date reported : September 25, 2024
Advisory ID : WSA-2024-0005
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2024-0005.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2024-0005.html
CVE identifiers : CVE-2024-23271, CVE-2024-27808,
CVE-2024-27820, CVE-2024-27830,
CVE-2024-27833, CVE-2024-27838,
CVE-2024-27850, CVE-2024-27851,
CVE-2024-40857, CVE-2024-40866,
CVE-2024-44187.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2024-23271
Versions affected: WebKitGTK and WPE WebKit before 2.42.5.
Credit to James Lee (@Windowsrcer).
Impact: A malicious website may cause unexpected cross-origin
behavior. Description: A logic issue was addressed with improved
checks.
WebKit Bugzilla: 265812
CVE-2024-27808
Versions affected: WebKitGTK and WPE WebKit before 2.44.2.
Credit to Lukas Bernhard of CISPA Helmholtz Center for Information Security.
Impact: Processing web content may lead to arbitrary code execution.
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 268221
CVE-2024-27820
Versions affected: WebKitGTK and WPE WebKit before 2.44.2.
Credit to Jeff Johnson of underpassapp.com.
Impact: Processing web content may lead to arbitrary code execution.
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 270139
CVE-2024-27830
Versions affected: WebKitGTK and WPE WebKit before 2.44.3.
Credit to Joe Rutkowski (@Joe12387) of Crawless and @abrahamjuliot.
Impact: A maliciously crafted webpage may be able to fingerprint the
user. Description: This issue was addressed through improved state
management.
WebKit Bugzilla: 271159
CVE-2024-27833
Versions affected: WebKitGTK and WPE WebKit before 2.44.2.
Credit to Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: An integer overflow was
addressed with improved input validation.
WebKit Bugzilla: 271491
CVE-2024-27838
Versions affected: WebKitGTK and WPE WebKit before 2.44.3.
Credit to Emilio Cobos of Mozilla.
Impact: A maliciously crafted webpage may be able to fingerprint the
user. Description: The issue was addressed by adding additional
logic.
WebKit Bugzilla: 262337
CVE-2024-27850
Versions affected: WebKitGTK and WPE WebKit before 2.44.2.
Credit to an anonymous researcher.
Impact: A maliciously crafted webpage may be able to fingerprint the
user. Description: This issue was addressed with improvements to the
noise injection algorithm.
WebKit Bugzilla: 270767
CVE-2024-27851
Versions affected: WebKitGTK and WPE WebKit before 2.44.3.
Credit to Nan Wang (@eternalsakura13) of 360 Vulnerability Research Institute.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: The issue was addressed with
improved bounds checks.
WebKit Bugzilla: 272106
CVE-2024-40857
Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
Credit to Ron Masas.
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting. Description: This issue was
addressed through improved state management.
WebKit Bugzilla: 268724
CVE-2024-40866
Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
Credit to Hafiizh and YoKo Kho (@yokoacc) of HakTrak.
Impact: Visiting a malicious website may lead to address bar
spoofing. Description: The issue was addressed with improved UI.
WebKit Bugzilla: 279451
CVE-2024-44187
Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
Credit to Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd,
Pune (India).
Impact: A malicious website may exfiltrate data cross-origin.
Description: A cross-origin issue existed with "iframe" elements.
This was addressed with improved tracking of security origins.
WebKit Bugzilla: 279452
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security.
The WebKitGTK and WPE WebKit team,
Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.