openSUSE-SU-2022:0705-1

Опубликовано: 04 мар. 2022

Источник: suse-cvrf

Описание

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues:

Update to version 2.34.6 (bsc#1196133):

CVE-2022-22620: Processing maliciously crafted web content may have lead to arbitrary code execution.

Update to version 2.34.5 (bsc#1195735):

CVE-2022-22589: A validation issue was addressed with improved input sanitization.
CVE-2022-22590: A use after free issue was addressed with improved memory management.
CVE-2022-22592: A logic issue was addressed with improved state management.

Update to version 2.34.4 (bsc#1195064):

CVE-2021-30934: A buffer overflow issue was addressed with improved memory handling.
CVE-2021-30936: A use after free issue was addressed with improved memory management.
CVE-2021-30951: A use after free issue was addressed with improved memory management.
CVE-2021-30952: An integer overflow was addressed with improved input validation.
CVE-2021-30953: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30954: A type confusion issue was addressed with improved memory handling.
CVE-2021-30984: A race condition was addressed with improved state handling.
CVE-2022-22594: A cross-origin issue in the IndexDB API was addressed with improved input validation.

The following CVEs were addressed in a previous update:

CVE-2021-45481: Incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create.
CVE-2021-45482: A use-after-free in WebCore::ContainerNode::firstChild.
CVE-2021-45483: A use-after-free in WebCore::Frame::page.

Список пакетов

openSUSE Leap 15.3

libjavascriptcoregtk-4_0-18-2.34.6-29.1

libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

libwebkit2gtk-4_0-37-2.34.6-29.1

libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

libwebkit2gtk3-lang-2.34.6-29.1

typelib-1_0-JavaScriptCore-4_0-2.34.6-29.1

typelib-1_0-WebKit2-4_0-2.34.6-29.1

typelib-1_0-WebKit2WebExtension-4_0-2.34.6-29.1

webkit-jsc-4-2.34.6-29.1

webkit2gtk-4_0-injected-bundles-2.34.6-29.1

webkit2gtk3-devel-2.34.6-29.1

webkit2gtk3-minibrowser-2.34.6-29.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N4Z4NVNJOFDH7QHR6XKK6NVIFOWPKI3Y/
E-Mail link for openSUSE-SU-2022:0705-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1195064
SUSE Bug 1195064
https://bugzilla.suse.com/1195735
SUSE Bug 1195735
https://bugzilla.suse.com/1196133
SUSE Bug 1196133
https://www.suse.com/security/cve/CVE-2021-30934/
SUSE CVE CVE-2021-30934 page
https://www.suse.com/security/cve/CVE-2021-30936/
SUSE CVE CVE-2021-30936 page
https://www.suse.com/security/cve/CVE-2021-30951/
SUSE CVE CVE-2021-30951 page
https://www.suse.com/security/cve/CVE-2021-30952/
SUSE CVE CVE-2021-30952 page
https://www.suse.com/security/cve/CVE-2021-30953/
SUSE CVE CVE-2021-30953 page
https://www.suse.com/security/cve/CVE-2021-30954/
SUSE CVE CVE-2021-30954 page
https://www.suse.com/security/cve/CVE-2021-30984/
SUSE CVE CVE-2021-30984 page
https://www.suse.com/security/cve/CVE-2021-45481/
SUSE CVE CVE-2021-45481 page
https://www.suse.com/security/cve/CVE-2021-45482/
SUSE CVE CVE-2021-45482 page
https://www.suse.com/security/cve/CVE-2021-45483/
SUSE CVE CVE-2021-45483 page
https://www.suse.com/security/cve/CVE-2022-22589/
SUSE CVE CVE-2022-22589 page
https://www.suse.com/security/cve/CVE-2022-22590/
SUSE CVE CVE-2022-22590 page
https://www.suse.com/security/cve/CVE-2022-22592/
SUSE CVE CVE-2022-22592 page
https://www.suse.com/security/cve/CVE-2022-22620/
SUSE CVE CVE-2022-22620 page

Описание

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30934.html
CVE-2021-30934
https://bugzilla.suse.com/1195064
SUSE Bug 1195064
https://bugzilla.suse.com/1196393
SUSE Bug 1196393

Описание

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30936.html
CVE-2021-30936
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30951.html
CVE-2021-30951
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30952.html
CVE-2021-30952
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30953.html
CVE-2021-30953
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30954.html
CVE-2021-30954
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-30984.html
CVE-2021-30984
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-45481.html
CVE-2021-45481
https://bugzilla.suse.com/1194138
SUSE Bug 1194138
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-45482.html
CVE-2021-45482
https://bugzilla.suse.com/1194136
SUSE Bug 1194136
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-45483.html
CVE-2021-45483
https://bugzilla.suse.com/1194135
SUSE Bug 1194135
https://bugzilla.suse.com/1195064
SUSE Bug 1195064

Описание

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-22589.html
CVE-2022-22589
https://bugzilla.suse.com/1195735
SUSE Bug 1195735

Описание

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-22590.html
CVE-2022-22590
https://bugzilla.suse.com/1195735
SUSE Bug 1195735

Описание

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-22592.html
CVE-2022-22592
https://bugzilla.suse.com/1195735
SUSE Bug 1195735

Описание

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

Затронутые продукты

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-2.34.6-29.1

openSUSE Leap 15.3:libjavascriptcoregtk-4_0-18-32bit-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-2.34.6-29.1

openSUSE Leap 15.3:libwebkit2gtk-4_0-37-32bit-2.34.6-29.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-22620.html
CVE-2022-22620
https://bugzilla.suse.com/1196133
SUSE Bug 1196133

openSUSE-SU-2022:0705-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-30934

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-30936

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-30951

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-30952

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-30953

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-30954

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-30984

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-45481

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-45482

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-45483

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2022-22589

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2022-22590

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2022-22592

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2022-22620

Описание

Затронутые продукты

Ссылки