RedHat: RHSA-2022-1777:01 Moderate: webkit2gtk3 security, bug fix,
Summary
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.
The following packages have been upgraded to a later upstream version:
webkit2gtk3 (2.34.6). (BZ#1985042)
Security Fix(es):
* webkitgtk: maliciously crafted web content may lead to arbitrary code
execution due to use after free (CVE-2022-22620)
* webkitgtk: Use-after-free leading to arbitrary code execution
(CVE-2021-30809)
* webkitgtk: Type confusion issue leading to arbitrary code execution
(CVE-2021-30818)
* webkitgtk: Logic issue leading to HSTS bypass (CVE-2021-30823)
* webkitgtk: Memory corruption issue leading to arbitrary code execution
(CVE-2021-30846)
* webkitgtk: Memory corruption issue leading to arbitrary code execution
(CVE-2021-30848)
* webkitgtk: Multiple memory corruption issue leading to arbitrary code
execution (CVE-2021-30849)
* webkitgtk: Memory corruption issue leading to arbitrary code execution
(CVE-2021-30851)
* webkitgtk: Logic issue leading to Content Security Policy bypass
(CVE-2021-30887)
* webkitgtk: Information leak via Content Security Policy reports
(CVE-2021-30888)
* webkitgtk: Buffer overflow leading to arbitrary code execution
(CVE-2021-30889)
* webkitgtk: Logic issue leading to universal cross-site scripting
(CVE-2021-30890)
* webkitgtk: Cross-origin data exfiltration via resource timing API
(CVE-2021-30897)
* webkitgtk: Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2021-30934)
* webkitgtk: Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2021-30936)
* webkitgtk: Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2021-30951)
* webkitgtk: Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2021-30952)
* webkitgtk: Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2021-30953)
* webkitgtk: Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2021-30954)
* webkitgtk: Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2021-30984)
* webkitgtk: Incorrect memory allocation in
WebCore::ImageBufferCairoImageSurfaceBackend::create (CVE-2021-45481)
* webkitgtk: use-after-free in WebCore::ContainerNode::firstChild
(CVE-2021-45482)
* webkitgtk: use-after-free in WebCore::Frame::page (CVE-2021-45483)
* webkitgtk: Processing a maliciously crafted mail message may lead to
running arbitrary javascript (CVE-2022-22589)
* webkitgtk: Processing maliciously crafted web content may lead to
arbitrary code execution (CVE-2022-22590)
* webkitgtk: Processing maliciously crafted web content may prevent Content
Security Policy from being enforced (CVE-2022-22592)
* webkitgtk: A malicious website may exfiltrate data cross-origin
(CVE-2022-22594)
* webkitgtk: logic issue was addressed with improved state management
(CVE-2022-22637)
* webkitgtk: Out-of-bounds read leading to memory disclosure
(CVE-2021-30836)
* webkitgtk: CSS compositing issue leading to revealing of the browsing
history (CVE-2021-30884)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.6 Release Notes linked from the References section.
Summary
Solution
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
References
https://access.redhat.com/security/cve/CVE-2021-30809 https://access.redhat.com/security/cve/CVE-2021-30818 https://access.redhat.com/security/cve/CVE-2021-30823 https://access.redhat.com/security/cve/CVE-2021-30836 https://access.redhat.com/security/cve/CVE-2021-30846 https://access.redhat.com/security/cve/CVE-2021-30848 https://access.redhat.com/security/cve/CVE-2021-30849 https://access.redhat.com/security/cve/CVE-2021-30851 https://access.redhat.com/security/cve/CVE-2021-30884 https://access.redhat.com/security/cve/CVE-2021-30887 https://access.redhat.com/security/cve/CVE-2021-30888 https://access.redhat.com/security/cve/CVE-2021-30889 https://access.redhat.com/security/cve/CVE-2021-30890 https://access.redhat.com/security/cve/CVE-2021-30897 https://access.redhat.com/security/cve/CVE-2021-30934 https://access.redhat.com/security/cve/CVE-2021-30936 https://access.redhat.com/security/cve/CVE-2021-30951 https://access.redhat.com/security/cve/CVE-2021-30952 https://access.redhat.com/security/cve/CVE-2021-30953 https://access.redhat.com/security/cve/CVE-2021-30954 https://access.redhat.com/security/cve/CVE-2021-30984 https://access.redhat.com/security/cve/CVE-2021-45481 https://access.redhat.com/security/cve/CVE-2021-45482 https://access.redhat.com/security/cve/CVE-2021-45483 https://access.redhat.com/security/cve/CVE-2022-22589 https://access.redhat.com/security/cve/CVE-2022-22590 https://access.redhat.com/security/cve/CVE-2022-22592 https://access.redhat.com/security/cve/CVE-2022-22594 https://access.redhat.com/security/cve/CVE-2022-22620 https://access.redhat.com/security/cve/CVE-2022-22637 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/
Package List
Red Hat Enterprise Linux AppStream (v. 8):
Source:
webkit2gtk3-2.34.6-1.el8.src.rpm
aarch64:
webkit2gtk3-2.34.6-1.el8.aarch64.rpm
webkit2gtk3-debuginfo-2.34.6-1.el8.aarch64.rpm
webkit2gtk3-debugsource-2.34.6-1.el8.aarch64.rpm
webkit2gtk3-devel-2.34.6-1.el8.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.34.6-1.el8.aarch64.rpm
webkit2gtk3-jsc-2.34.6-1.el8.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.34.6-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-2.34.6-1.el8.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.34.6-1.el8.aarch64.rpm
ppc64le:
webkit2gtk3-2.34.6-1.el8.ppc64le.rpm
webkit2gtk3-debuginfo-2.34.6-1.el8.ppc64le.rpm
webkit2gtk3-debugsource-2.34.6-1.el8.ppc64le.rpm
webkit2gtk3-devel-2.34.6-1.el8.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.34.6-1.el8.ppc64le.rpm
webkit2gtk3-jsc-2.34.6-1.el8.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.34.6-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-2.34.6-1.el8.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.34.6-1.el8.ppc64le.rpm
s390x:
webkit2gtk3-2.34.6-1.el8.s390x.rpm
webkit2gtk3-debuginfo-2.34.6-1.el8.s390x.rpm
webkit2gtk3-debugsource-2.34.6-1.el8.s390x.rpm
webkit2gtk3-devel-2.34.6-1.el8.s390x.rpm
webkit2gtk3-devel-debuginfo-2.34.6-1.el8.s390x.rpm
webkit2gtk3-jsc-2.34.6-1.el8.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.34.6-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-2.34.6-1.el8.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.34.6-1.el8.s390x.rpm
x86_64:
webkit2gtk3-2.34.6-1.el8.i686.rpm
webkit2gtk3-2.34.6-1.el8.x86_64.rpm
webkit2gtk3-debuginfo-2.34.6-1.el8.i686.rpm
webkit2gtk3-debuginfo-2.34.6-1.el8.x86_64.rpm
webkit2gtk3-debugsource-2.34.6-1.el8.i686.rpm
webkit2gtk3-debugsource-2.34.6-1.el8.x86_64.rpm
webkit2gtk3-devel-2.34.6-1.el8.i686.rpm
webkit2gtk3-devel-2.34.6-1.el8.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.34.6-1.el8.i686.rpm
webkit2gtk3-devel-debuginfo-2.34.6-1.el8.x86_64.rpm
webkit2gtk3-jsc-2.34.6-1.el8.i686.rpm
webkit2gtk3-jsc-2.34.6-1.el8.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.34.6-1.el8.i686.rpm
webkit2gtk3-jsc-debuginfo-2.34.6-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-2.34.6-1.el8.i686.rpm
webkit2gtk3-jsc-devel-2.34.6-1.el8.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.34.6-1.el8.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.34.6-1.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
Topic
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.
Topic
Relevant Releases Architectures
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
Bugs Fixed
1985042 - Upgrade WebKitGTK for RHEL 8.6
2017898 - CVE-2021-30846 webkitgtk: Memory corruption issue leading to arbitrary code execution
2017901 - CVE-2021-30848 webkitgtk: Memory corruption issue leading to arbitrary code execution
2017904 - CVE-2021-30849 webkitgtk: Multiple memory corruption issue leading to arbitrary code execution
2018573 - CVE-2021-30851 webkitgtk: Memory corruption issue leading to arbitrary code execution
2034347 - CVE-2021-30809 webkitgtk: Use-after-free leading to arbitrary code execution
2034368 - CVE-2021-30818 webkitgtk: Type confusion issue leading to arbitrary code execution
2034373 - CVE-2021-30823 webkitgtk: Logic issue leading to HSTS bypass
2034376 - CVE-2021-30836 webkitgtk: Out-of-bounds read leading to memory disclosure
2034378 - CVE-2021-30884 webkitgtk: CSS compositing issue leading to revealing of the browsing history
2034381 - CVE-2021-30887 webkitgtk: Logic issue leading to Content Security Policy bypass
2034383 - CVE-2021-30888 webkitgtk: Information leak via Content Security Policy reports
2034386 - CVE-2021-30889 webkitgtk: Buffer overflow leading to arbitrary code execution
2034389 - CVE-2021-30890 webkitgtk: Logic issue leading to universal cross-site scripting
2038907 - CVE-2021-30897 webkitgtk: Cross-origin data exfiltration via resource timing API
2040327 - CVE-2021-45481 webkitgtk: Incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create
2040329 - CVE-2021-45482 webkitgtk: use-after-free in WebCore::ContainerNode::firstChild
2040331 - CVE-2021-45483 webkitgtk: use-after-free in WebCore::Frame::page
2041559 - Doesn't show document with ongoing resources' download immediately
2044521 - CVE-2021-30934 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
2044528 - CVE-2021-30936 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
2044534 - CVE-2021-30951 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
2044538 - CVE-2021-30952 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
2044542 - CVE-2021-30953 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
2044551 - CVE-2021-30954 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
2044553 - CVE-2021-30984 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
2045291 - CVE-2022-22594 webkitgtk: A malicious website may exfiltrate data cross-origin
2053179 - CVE-2022-22589 webkitgtk: Processing a maliciously crafted mail message may lead to running arbitrary javascript
2053181 - CVE-2022-22590 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
2053185 - CVE-2022-22592 webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
2056474 - CVE-2022-22620 webkitgtk: maliciously crafted web content may lead to arbitrary code execution due to use after free
2073903 - CVE-2022-22637 webkitgtk: logic issue was addressed with improved state management