Red Hat Security Advisory: webkit2gtk3 security and bug fix update
🔗 CVE IDs covered (23)
📋 Description
- CVE-2022-32886 — webkitgtk: buffer overflow issue was addressed with improved memory handling
- CVE-2022-32888 — webkitgtk: out-of-bounds write issue was addressed with improved bounds checking
- CVE-2022-32923 — webkitgtk: correctness issue in the JIT was addressed with improved checks
- CVE-2022-42799 — webkitgtk: issue was addressed with improved UI handling
- CVE-2022-42823 — webkitgtk: type confusion issue leading to arbitrary code execution
- CVE-2022-42824 — webkitgtk: sensitive information disclosure issue
- CVE-2022-42826 — webkitgtk: use-after-free issue leading to arbitrary code execution
- CVE-2022-42852 — webkitgtk: memory disclosure issue was addressed with improved memory handling
- CVE-2022-42863 — webkitgtk: memory corruption issue leading to arbitrary code execution
- CVE-2022-42867 — webkitgtk: use-after-free issue leading to arbitrary code execution
- CVE-2022-46691 — webkitgtk: memory corruption issue leading to arbitrary code execution
- CVE-2022-46692 — webkitgtk: Same Origin Policy bypass issue
- CVE-2022-46698 — webkitgtk: logic issue leading to user information disclosure
- CVE-2022-46699 — webkitgtk: memory corruption issue leading to arbitrary code execution
- CVE-2022-46700 — webkitgtk: memory corruption issue leading to arbitrary code execution
- CVE-2022-48503 — webkitgtk: improper bounds checking leading to arbitrary code execution
- CVE-2023-23517 — webkitgtk: memory corruption issue leading to arbitrary code execution
- CVE-2023-23518 — webkitgtk: memory corruption issue leading to arbitrary code execution
- CVE-2023-25358 — webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()
- CVE-2023-25360 — webkitgtk: heap-use-after-free in WebCore::RenderLayer::renderer()
- CVE-2023-25361 — webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()
- CVE-2023-25362 — webkitgtk: heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps()
- CVE-2023-25363 — webkitgtk: heap-use-after-free in WebCore::RenderLayer::updateDescendantDependentFlags()
🔗 References (27)
- self: https://access.redhat.com/errata/RHSA-2023:2256
- external: https://access.redhat.com/security/updates/classification/#important
- external: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2127467
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2128643
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2140501
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2140502
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2140503
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2140504
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2140505
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2156986
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2156987
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2156989
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2156990
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2156991
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2156992
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2156993
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2156994
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2167715
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2167716
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2167717
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2175099
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2175101
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2175103
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2175105
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2175107
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2256.json