webkit2gtk3-2.38.5-1.el8.ML.1

エラータID: AXSA:2023-5964:10

Release date: 
Friday, June 9, 2023 - 09:55
Subject: 
webkit2gtk3-2.38.5-1.el8.ML.1
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* webkitgtk: use-after-free issue leading to arbitrary code execution (CVE-2022-42826)
* webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2023-23517)
* webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2023-23518)
* webkitgtk: buffer overflow issue was addressed with improved memory handling (CVE-2022-32886)
* webkitgtk: out-of-bounds write issue was addressed with improved bounds checking (CVE-2022-32888)
* webkitgtk: correctness issue in the JIT was addressed with improved checks (CVE-2022-32923)
* webkitgtk: issue was addressed with improved UI handling (CVE-2022-42799)
* webkitgtk: type confusion issue leading to arbitrary code execution (CVE-2022-42823)
* webkitgtk: sensitive information disclosure issue (CVE-2022-42824)
* webkitgtk: memory disclosure issue was addressed with improved memory handling (CVE-2022-42852)
* webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2022-42863)
* webkitgtk: use-after-free issue leading to arbitrary code execution (CVE-2022-42867)
* webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2022-46691)
* webkitgtk: Same Origin Policy bypass issue (CVE-2022-46692)
* webkitgtk: logic issue leading to user information disclosure (CVE-2022-46698)
* webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2022-46699)
* webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2022-46700)
* webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild() (CVE-2023-25358)
* webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer() (CVE-2023-25360)
* webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling() (CVE-2023-25361)
* webkitgtk: heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps() (CVE-2023-25362)
* webkitgtk: heap-use-after-free in WebCore::RenderLayer::updateDescendantDependentFlags() (CVE-2023-25363)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-32886
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-32888
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-32923
A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app.
CVE-2022-42799
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.
CVE-2022-42823
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-42824
A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information.
CVE-2022-42826
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-42852
The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory.
CVE-2022-42863
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-42867
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-46691
A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-46692
A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.
CVE-2022-46698
A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information.
CVE-2022-46699
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-46700
A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2023-23517
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2023-23518
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2023-25358
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
CVE-2023-25360
A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
CVE-2023-25361
A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
CVE-2023-25362
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
CVE-2023-25363
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. webkit2gtk3-2.38.5-1.el8.ML.1.src.rpm
    MD5: e1c4d619141b08b075771a52e82f8938
    SHA-256: c581d00d17a35b97d9b0c4ee3c80a3ae17c54bff1b17072a9f1b12ae145d43ec
    Size: 31.52 MB

Asianux Server 8 for x86_64
  1. webkit2gtk3-2.38.5-1.el8.ML.1.i686.rpm
    MD5: 94233af086d20e2c2a284ba0fc22f6f4
    SHA-256: 4b21b696d69e0ec8323289c9e43d609884adad5febc6ffb1310c2acb79263f28
    Size: 23.37 MB
  2. webkit2gtk3-2.38.5-1.el8.ML.1.x86_64.rpm
    MD5: bf8b98b27b5b68b831877f1d3b682177
    SHA-256: aa9fba6a5b65fbebbc42d59902d851e4261b00f52ac5bb0b8485e4ea81872a3e
    Size: 21.45 MB
  3. webkit2gtk3-devel-2.38.5-1.el8.ML.1.i686.rpm
    MD5: dfee1ef089d7ce87d18964c9d423d408
    SHA-256: 11bb194d4248718ccbc4dc798db5de61b6fae319beeabec038ec5e04473c3ab0
    Size: 295.71 kB
  4. webkit2gtk3-devel-2.38.5-1.el8.ML.1.x86_64.rpm
    MD5: c6d716ac3d6bf3956adca79099f26ac8
    SHA-256: adcb123deea729e496479e24cfa24016663bd61e3ae61183597ed5e372fa55c1
    Size: 291.43 kB
  5. webkit2gtk3-jsc-2.38.5-1.el8.ML.1.i686.rpm
    MD5: ed92750d75405633712a3d6eb58cecb3
    SHA-256: 259eee4a14933861e4ca4e596822259e01066181298aa23ed673f2c49ae36887
    Size: 3.83 MB
  6. webkit2gtk3-jsc-2.38.5-1.el8.ML.1.x86_64.rpm
    MD5: a252d8df7d704a189a2adf5985f88dfc
    SHA-256: 6737bc3f90b0bd9c21975d7505a4062cfaa87bbab4acf60ff2c86bed84d87b09
    Size: 7.06 MB
  7. webkit2gtk3-jsc-devel-2.38.5-1.el8.ML.1.i686.rpm
    MD5: 7ee2d2875947198a961a6b3a0ee64f45
    SHA-256: 86adff1b809bf63bdd6270c3bfb71676f6ab9e12261587b68e654a1eb1194511
    Size: 164.97 kB
  8. webkit2gtk3-jsc-devel-2.38.5-1.el8.ML.1.x86_64.rpm
    MD5: 052d2ddfbe6fcaff1cb352fe60822c2b
    SHA-256: 77314afcc03ebf18eb4bdf81664a5be4927b7daef9a0867e90bc03c386c78a4b
    Size: 156.14 kB