SB2018102611 - OpenSUSE Linux update for webkit2gtk3
Published: October 26, 2018 Updated: July 1, 2021
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 40 vulnerabilities.
1) Memory corruption (CVE-ID: CVE-2017-13884)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error. A remote attacker can submit specially crafted web content, trigger memory corruption and execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
2) Memory corruption (CVE-ID: CVE-2017-13885)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error. A remote attacker can submit specially crafted web content, trigger memory corruption and execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
3) Spoofing attack (CVE-ID: CVE-2017-7153)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to conduct spoofing attack on the target system.
The weakness exists due to incorrect display of the lock icon on mixed content. A remote attacker can conduct spoofing attacks and gain access to potentially sensitive information.
4) Memory corruption (CVE-ID: CVE-2017-7160)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error. A remote attacker can trigger memory corruption and execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
5) Command injection (CVE-ID: CVE-2017-7161)
CWE-ID: CWE-77 - Command injection
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to command injection. A remote attacker can submit specially crafted web content, inject arbitrary commands and execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
6) Memory corruption (CVE-ID: CVE-2017-7165)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error. A remote attacker can trigger memory corruption and execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
7) Improper input validation (CVE-ID: CVE-2018-11646)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to mishandling of an unset pageURL in webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp. A remote attacker can send specially crafted input and cause the service to crash.
8) Information disclosure (CVE-ID: CVE-2018-11712)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The vulnerability exists in WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit due to improper TLS certificate verification for WebSocket connections. A remote unauthenticated attacker can gain access to important data.
9) Security restrictions bypass (CVE-ID: CVE-2018-11713)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists in WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit due to a failure to use system proxy settings for WebSocket connections. A remote attacker can cause the victim to be deanonymized by crafted web sites via a WebSocket connection.
10) Out-of-bounds write (CVE-ID: CVE-2018-12911)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code with elevated privileges.
The weakness exists due to an off-by-one error in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. A remote attacker can trigger out-of-bounds write and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
11) Memory corruption (CVE-ID: CVE-2018-4088)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
12) Memory corruption (CVE-ID: CVE-2018-4096)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
13) Memory corruption (CVE-ID: CVE-2018-4101)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
14) Denial of service (CVE-ID: CVE-2018-4113)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to an array indexing error in WebKit javascript core. A remote attacker can trigger an ASSERT failure and cause the system to crash.
15) Memory corruption (CVE-ID: CVE-2018-4114)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
16) Information disclosure (CVE-ID: CVE-2018-4117)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to input validation flaw in the WebKit component fetch API. A remote attacker can bypass cross-origin restrictions and obtain potentially sensitive information.
17) Memory corruption (CVE-ID: CVE-2018-4118)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
18) Memory corruption (CVE-ID: CVE-2018-4119)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
19) Memory corruption (CVE-ID: CVE-2018-4120)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
20) Memory corruption (CVE-ID: CVE-2018-4121)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
21) Memory corruption (CVE-ID: CVE-2018-4122)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
22) Memory corruption (CVE-ID: CVE-2018-4125)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
23) Memory corruption (CVE-ID: CVE-2018-4127)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
24) Memory corruption (CVE-ID: CVE-2018-4128)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
25) Memory corruption (CVE-ID: CVE-2018-4129)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
26) Cross-site scripting (CVE-ID: CVE-2018-4133)
CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the WebKit component. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
27) Memory corruption (CVE-ID: CVE-2018-4146)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and cause the system to crash.
28) Memory corruption (CVE-ID: CVE-2018-4161)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
29) Memory corruption (CVE-ID: CVE-2018-4162)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
30) Memory corruption (CVE-ID: CVE-2018-4163)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
31) Memory corruption (CVE-ID: CVE-2018-4165)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
32) Information disclosure (CVE-ID: CVE-2018-4190)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a flaw in the WebKit component. A remote unauthenticated attacker can trick the victim into loading specially crafted CSS mask images and gain access to the target user's credentials.
33) Buffer overflow (CVE-ID: CVE-2018-4199)
CWE-ID: CWE-120 - Buffer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to buffer overflow in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
34) Memory corruption (CVE-ID: CVE-2018-4200)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component when handling malicious input. A remote attacker can trick the victim into loading a specially crafted web content, trigger memory corruption and execute arbitrary code with elevated privileges.
35) Memory corruption (CVE-ID: CVE-2018-4204)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error in the WebKit component when handling malicious input. A remote attacker can trick the victim into loading a specially crafted web content, trigger memory corruption and execute arbitrary code with elevated privileges.
36) Memory corruption (CVE-ID: CVE-2018-4218)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
37) Out-of-bounds read (CVE-ID: CVE-2018-4222)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to out-of-bounds read error in WebKit. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger memory corruption and cause the service to crash.
38) Improper input validation (CVE-ID: CVE-2018-4232)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website, bypass security restrictions and cause cookies to be overwritten.
39) Memory corruption (CVE-ID: CVE-2018-4233)
CWE-ID: CWE-119 - Memory corruption
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
40) Type confusion (CVE-ID: CVE-2018-4246)
CWE-ID: CWE-843 - Type confusion
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to type confusion in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install update from vendor's website.