OpenSUSE Linux update for webkit2gtk3
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2018-11646 CVE-2018-4190 CVE-2018-4199 CVE-2018-4218 CVE-2018-4222 CVE-2018-4232 CVE-2018-4233 |
| CWE-ID | CWE-20 CWE-200 CWE-120 CWE-119 CWE-125 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #7 is available. |
| Vulnerable software |
Opensuse Operating systems & Components / Operating system |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU14308
Risk: Low
CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]
CVE-ID: CVE-2018-11646
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to mishandling of an unset pageURL in webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp. A remote attacker can send specially crafted input and cause the service to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-08/msg00031.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
2) Information disclosure
EUVDB-ID: #VU13144
Risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4190
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to a flaw in the WebKit component. A remote unauthenticated attacker can trick the victim into loading specially crafted CSS mask images and gain access to the target user's credentials.
MitigationUpdate the affected packages.
Opensuse: 15.0
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-08/msg00031.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU13139
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4199
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to buffer overflow in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
Opensuse: 15.0
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-08/msg00031.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Memory corruption
EUVDB-ID: #VU13137
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-4218
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
Opensuse: 15.0
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-08/msg00031.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds read
EUVDB-ID: #VU13145
Risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4222
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to out-of-bounds read error in WebKit. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger memory corruption and cause the service to crash.
Update the affected packages.
Opensuse: 15.0
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-08/msg00031.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU13143
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-4232
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website, bypass security restrictions and cause cookies to be overwritten.
MitigationUpdate the affected packages.
Opensuse: 15.0
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-08/msg00031.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Memory corruption
EUVDB-ID: #VU13138
Risk: High
CVSSv4.0: 8.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2018-4233
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages.
Opensuse: 15.0
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2018-08/msg00031.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
