-
Notifications
You must be signed in to change notification settings - Fork 11
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Release security advisory WSA-2023-0009
- Loading branch information
Showing
1 changed file
with
74 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
--- | ||
layout: post | ||
title: WebKitGTK and WPE WebKit Security Advisory WSA-2023-0009 | ||
permalink: /security/WSA-2023-0009.html | ||
tags: WSA | ||
--- | ||
|
||
* Date Reported: **September 28, 2023** | ||
|
||
* Advisory ID: **WSA-2023-0009** | ||
|
||
* CVE identifiers: [CVE-2023-39928](#CVE-2023-39928), [CVE-2023-35074](#CVE-2023-35074), | ||
[CVE-2023-39434](#CVE-2023-39434), [CVE-2023-40451](#CVE-2023-40451), | ||
[CVE-2023-41074](#CVE-2023-41074), [CVE-2023-41993](#CVE-2023-41993). | ||
|
||
|
||
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. | ||
|
||
* <a name="CVE-2023-39928" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39928">CVE-2023-39928</a> | ||
* Versions affected: WebKitGTK and WPE WebKit before 2.42.0. | ||
* Credit to Marcin 'Icewall' Noga of Cisco Talos. | ||
* A use-after-free vulnerability exists in the MediaRecorder API of | ||
the WebKit GStreamer-based ports (WebKitGTK and WPE WebKit). A | ||
specially crafted web page can abuse this vulnerability to cause | ||
memory corruption and potentially arbitrary code execution. A user | ||
would need to to visit a malicious webpage to trigger this | ||
vulnerability. WebKit Bugzilla: 260649. | ||
|
||
* <a name="CVE-2023-35074" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35074">CVE-2023-35074</a> | ||
* Versions affected: WebKitGTK and WPE WebKit before 2.40.0. | ||
* Credit to Abysslab Dong Jun Kim(@smlijun) and Jong Seong | ||
Kim(@nevul37). | ||
* Impact: Processing web content may lead to arbitrary code execution. | ||
Description: The issue was addressed with improved memory handling. | ||
|
||
* <a name="CVE-2023-39434" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39434">CVE-2023-39434</a> | ||
* Versions affected: WebKitGTK and WPE WebKit before 2.40.5. | ||
* Credit to Francisco Alonso (@revskills), and Dohyun Lee (@l33d0hyun) | ||
of PK Security. | ||
* Impact: Processing web content may lead to arbitrary code execution. | ||
Description: A use-after-free issue was addressed with improved | ||
memory management. | ||
|
||
* <a name="CVE-2023-40451" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40451">CVE-2023-40451</a> | ||
* Versions affected: WebKitGTK and WPE WebKit before 2.40.5. | ||
* Credit to an anonymous researcher. | ||
* Impact: An attacker with JavaScript execution may be able to execute | ||
arbitrary code. Description: This issue was addressed with improved | ||
iframe sandbox enforcement. | ||
|
||
* <a name="CVE-2023-41074" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41074">CVE-2023-41074</a> | ||
* Versions affected: WebKitGTK and WPE WebKit before 2.42.0. | ||
* Credit to 이준성(Junsung Lee) of Cross Republic and me Li. | ||
* Impact: Processing web content may lead to arbitrary code execution. | ||
Description: The issue was addressed with improved checks. | ||
|
||
* <a name="CVE-2023-41993" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41993">CVE-2023-41993</a> | ||
* Versions affected: WebKitGTK and WPE WebKit before 2.42.1. | ||
* Credit to Bill Marczak of The Citizen Lab at The University of | ||
Toronto's Munk School and Maddie Stone of Google's Threat Analysis | ||
Group. | ||
* Impact: Processing web content may lead to arbitrary code execution. | ||
Apple is aware of a report that this issue may have been actively | ||
exploited. Description: The issue was addressed with improved | ||
checks. | ||
|
||
|
||
We recommend updating to the latest stable versions of WebKitGTK and WPE | ||
WebKit. It is the best way to ensure that you are running safe versions | ||
of WebKit. Please check our websites for information about the latest | ||
stable releases. | ||
|
||
Further information about WebKitGTK and WPE WebKit security advisories can be found at: | ||
[https://webkitgtk.org/security.html](https://webkitgtk.org/security.html) or [https://wpewebkit.org/security/](https://wpewebkit.org/security/). |