CVE-2021-45483 – webkitgtk: use-after-free in WebCore::Frame::page
https://notcve.org/view.php?id=CVE-2021-45483
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. A use-after-free vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files, causing an application to halt or crash.
• http://www.openwall.com/lists/oss-security/2022/01/21/2
• https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.32.3
• https://access.redhat.com/security/cve/CVE-2021-45483
• https://bugzilla.redhat.com/show_bug.cgi?id=2040331
• CWE-416: Use After Free
CVE-2021-42762
https://notcve.org/view.php?id=CVE-2021-42762
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133.
• http://www.openwall.com/lists/oss-security/2021/10/26/9
• http://www.openwall.com/lists/oss-security/2021/10/27/1
• http://www.openwall.com/lists/oss-security/2021/10/27/2
• http://www.openwall.com/lists/oss-security/2021/10/27/4
• https://bugs.webkit.org/show_bug.cgi?id=231479
• https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6MGXCX7P5AHWOQ6IRT477UKT7IS4DAD
• https:&
CVE-2021-21806 – webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-21806
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.
• http://www.openwall.com/lists/oss-security/2021/07/23/1
• https://talosintelligence.com/vulnerability_reports/TALOS-2020-1214
• https://access.redhat.com/security/cve/CVE-2021-21806
• https://bugzilla.redhat.com/show_bug.cgi?id=1980441
• CWE-416: Use After Free
CVE-2021-21775 – webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution
https://notcve.org/view.php?id=CVE-2021-21775
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of WebKit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage.
• http://www.openwall.com/lists/oss-security/2021/07/23/1
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYMMBQN4PRVDLMIJT2LY2BWHLYBD57P3
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4QORERLPDN3UNNJFJSOMHZZCU2G75Q6
• https://talosintelligence.com/vulnerability_reports/TALOS-2021-1229
• https://www.debian.org/security/2021/dsa-4945
• https://access.redhat.com/security/cve/CVE-2021-21775
• https://bugzilla.redhat.com/show_bug.cgi?id
• CWE-416: Use After Free
CVE-2021-21779 – webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution
https://notcve.org/view.php?id=CVE-2021-21779
A use-after-free vulnerability exists in the way WebKit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.
• http://www.openwall.com/lists/oss-security/2021/07/23/1
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYMMBQN4PRVDLMIJT2LY2BWHLYBD57P3
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4QORERLPDN3UNNJFJSOMHZZCU2G75Q6
• https://talosintelligence.com/vulnerability_reports/TALOS-2021-1238
• https://www.debian.org/security/2021/dsa-4945
• https://access.redhat.com/security/cve/CVE-2021-21779
• https://bugzilla.redhat.com/show_bug.cgi?id
• CWE-416: Use After Free