Описание
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | ignored | end of life |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | ignored | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | ignored | |
| esm-apps/focal | ignored | |
| esm-apps/jammy | ignored | |
| esm-apps/noble | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | ignored | end of life |
| eoan | DNE | |
| esm-apps/bionic | ignored | |
| esm-apps/xenial | ignored | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| esm-infra/focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 2.17.92-1 |
| bionic | not-affected | 2.17.92-1 |
| cosmic | not-affected | 2.17.92-1 |
| devel | not-affected | 2.17.92-1 |
| disco | not-affected | 2.17.92-1 |
| eoan | not-affected | 2.17.92-1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 2.17.92-1 |
| esm-infra/focal | not-affected | 2.17.92-1 |
| esm-infra/xenial | not-affected | 2.16.6-0ubuntu0.16.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/bionic | ignored | |
| esm-apps/xenial | ignored | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| esm-infra/focal | DNE |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, do ...
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.
Уязвимость функции IPC::Connection::processMessage UNIX IPC ядра отображения веб-страниц WebKitGTK+, позволяющая нарушителю вызвать переполнение буфера
7.5 High
CVSS2
9.8 Critical
CVSS3