===================================================================== CERT-Renater Note d'Information No. 2022/VULN192 _____________________________________________________________________ DATE : 01/06/2022 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running WebKitGTK, WPE WebKit versions prior to 2.36.3. ===================================================================== https://webkitgtk.org/security/WSA-2022-0005.html https://wpewebkit.org/security/WSA-2022-0005.html _____________________________________________________________________ ------------------------------------------------------------------------ WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005 ------------------------------------------------------------------------ Date reported : May 30, 2022 Advisory ID : WSA-2022-0005 WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2022-0005.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2022-0005.html CVE identifiers : CVE-2022-26700, CVE-2022-26709, CVE-2022-26717, CVE-2022-26716, CVE-2022-26719, CVE-2022-30293, CVE-2022-30294. Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. CVE-2022-26700 Versions affected: WebKitGTK and WPE WebKit before 2.36.3. Credit to ryuzaki. Impact: Processing maliciously crafted web content may lead to code execution. Description: A memory corruption issue was addressed with improved state management. CVE-2022-26709 Versions affected: WebKitGTK and WPE WebKit before 2.36.3. Credit to Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A use after free issue was addressed with improved memory management. CVE-2022-26717 Versions affected: WebKitGTK and WPE WebKit before 2.36.3. Credit to Jeonghoon Shin of Theori. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A use after free issue was addressed with improved memory management. CVE-2022-26716 Versions affected: WebKitGTK and WPE WebKit before 2.36.3. Credit to SorryMybad (@S0rryMybad) of Kunlun Lab. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A memory corruption issue was addressed with improved state management. CVE-2022-26719 Versions affected: WebKitGTK and WPE WebKit before 2.36.3. Credit to Dongzhuo Zhao working with ADLab of Venustech. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A memory corruption issue was addressed with improved state management. CVE-2022-30293 Versions affected: WebKitGTK and WPE WebKit before 2.36.1. Credit to Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab. Impact: Processing maliciously crafted web content may lead to arbitrary code execution or to a denial of service (application crash). Description: A memory corruption issue that could cause a heap use after free or a heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer was addressed with improved state management. CVE-2022-30294 Versions affected: WebKitGTK and WPE WebKit before 2.36.1. Credit to Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab. Impact: Processing maliciously crafted web content may lead to arbitrary code execution or to a denial of service (application crash). Description: A memory corruption issue that could cause a heap use after free or a heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer was addressed with improved state management. This is the same issue than CVE-2022-30293. We recommend updating to the latest stable versions of WebKitGTK and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK and WPE WebKit team, May 30, 2022 ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================