Mageia: 2020-0441 Moderate: Webkit2 Code Execution Issues Fixed
mageia
November 27, 2020
The webkit2 package has been updated to version 2.30.3, fixing several security issues and other bugs
Summary
The webkit2 package has been updated to version 2.30.3, fixing several
security issues and other bugs.
A type confusion issue may lead to arbitrary code execution with a maliciously
crafted web content, fixed with improved memory handling (CVE-2020-9948).
An use after free issue may lead to arbitrary code execution with a maliciously
crafted web content, fixed with improved memory management (CVE-2020-9951).
An out-of-bounds write issue may lead to code execution with a maliciously
crafted web content, fixed with improved bounds checking (CVE-2020-9983).
An use after free issue may lead to arbitrary code execution with a maliciously
crafted web content, fixed with improved memory management. (CVE-2020-13584).
References
- https://bugs.mageia.org/show_bug.cgi?id=27656
- https://webkitgtk.org/2020/11/20/webkitgtk2.30.3-released.html
- https://webkitgtk.org/security/WSA-2020-0008.html
- https://www.cve.org/CVERecord?id=CVE-2020-9948
- https://www.cve.org/CVERecord?id=CVE-2020-9951
- https://www.cve.org/CVERecord?id=CVE-2020-9983
- https://www.cve.org/CVERecord?id=CVE-2020-13584
Resolution
SRPMS
- 7/core/webkit2-2.30.3-1.mga7
PREVIOUS
NEXT
Publication date: 27 Nov 2020
URL: https://advisories.mageia.org/MGASA-2020-0441.html
Type: security
CVE: CVE-2020-9948,
CVE-2020-9951,
CVE-2020-9983,
CVE-2020-13584
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!