SB2018102611 - OpenSUSE Linux update for webkit2gtk3

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018102611

SB2018102611 - OpenSUSE Linux update for webkit2gtk3

Published: October 26, 2018 Updated: July 1, 2021

Security Bulletin ID SB2018102611
Severity
High
Patch available
YES
Number of vulnerabilities 40
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 73% Medium 5% Low 23%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 40 secuirty vulnerabilities.


1) Memory corruption (CVE-ID: CVE-2017-13884)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error. A remote attacker can submit specially crafted web content, trigger memory corruption and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.


2) Memory corruption (CVE-ID: CVE-2017-13885)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error. A remote attacker can submit specially crafted web content, trigger memory corruption and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.


3) Spoofing attack (CVE-ID: CVE-2017-7153)

The vulnerability allows a remote attacker to conduct spoofing attack on the target system.

The weakness exists due to incorrect display of the lock icon on mixed content. A remote attacker can conduct spoofing attacks and gain access to potentially sensitive information.


4) Memory corruption (CVE-ID: CVE-2017-7160)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error. A remote attacker can trigger memory corruption and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.


5) Command injection (CVE-ID: CVE-2017-7161)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to command injection. A remote attacker can submit specially crafted web content, inject arbitrary commands and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.


6) Memory corruption (CVE-ID: CVE-2017-7165)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error. A remote attacker can trigger memory corruption and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.


7) Improper input validation (CVE-ID: CVE-2018-11646)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to mishandling of an unset pageURL in webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp. A remote attacker can send specially crafted input and cause the service to crash.


8) Information disclosure (CVE-ID: CVE-2018-11712)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists in WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit due to improper TLS certificate verification for WebSocket connections. A remote unauthenticated attacker can gain access to important data.


9) Security restrictions bypass (CVE-ID: CVE-2018-11713)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists in WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit due to a failure to use system proxy settings for WebSocket connections. A remote attacker can cause the victim to be deanonymized by crafted web sites via a WebSocket connection.


10) Out-of-bounds write (CVE-ID: CVE-2018-12911)

The vulnerability allows a remote attacker to execute arbitrary code with elevated privileges.

The weakness exists due to an off-by-one error in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. A remote attacker can trigger out-of-bounds write and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

11) Memory corruption (CVE-ID: CVE-2018-4088)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

12) Memory corruption (CVE-ID: CVE-2018-4096)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

13) Memory corruption (CVE-ID: CVE-2018-4101)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

14) Denial of service (CVE-ID: CVE-2018-4113)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to an array indexing error in WebKit javascript core. A remote attacker can trigger an ASSERT failure and cause the system to crash.

15) Memory corruption (CVE-ID: CVE-2018-4114)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

16) Information disclosure (CVE-ID: CVE-2018-4117)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to input validation flaw in the WebKit component fetch API. A remote attacker can bypass cross-origin restrictions and obtain potentially sensitive information.

17) Memory corruption (CVE-ID: CVE-2018-4118)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

18) Memory corruption (CVE-ID: CVE-2018-4119)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

19) Memory corruption (CVE-ID: CVE-2018-4120)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

20) Memory corruption (CVE-ID: CVE-2018-4121)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

21) Memory corruption (CVE-ID: CVE-2018-4122)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

22) Memory corruption (CVE-ID: CVE-2018-4125)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

23) Memory corruption (CVE-ID: CVE-2018-4127)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

24) Memory corruption (CVE-ID: CVE-2018-4128)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

25) Memory corruption (CVE-ID: CVE-2018-4129)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

26) Cross-site scripting (CVE-ID: CVE-2018-4133)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the WebKit component. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


27) Memory corruption (CVE-ID: CVE-2018-4146)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and cause the system to crash.

28) Memory corruption (CVE-ID: CVE-2018-4161)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

29) Memory corruption (CVE-ID: CVE-2018-4162)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

30) Memory corruption (CVE-ID: CVE-2018-4163)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

31) Memory corruption (CVE-ID: CVE-2018-4165)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component. A remote attacker can trigger memory corruption and execute arbitrary code with elevated privileges.

32) Information disclosure (CVE-ID: CVE-2018-4190)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a flaw in the WebKit component. A remote unauthenticated attacker can trick the victim into loading specially crafted CSS mask images and gain access to the target user's credentials.


33) Buffer overflow (CVE-ID: CVE-2018-4199)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to buffer overflow in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


34) Memory corruption (CVE-ID: CVE-2018-4200)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component when handling malicious input. A remote attacker can trick the victim into loading a specially crafted web content, trigger memory corruption and execute arbitrary code with elevated privileges.

35) Memory corruption (CVE-ID: CVE-2018-4204)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component when handling malicious input. A remote attacker can trick the victim into loading a specially crafted web content, trigger memory corruption and execute arbitrary code with elevated privileges.

36) Memory corruption (CVE-ID: CVE-2018-4218)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


37) Out-of-bounds read (CVE-ID: CVE-2018-4222)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to out-of-bounds read error in WebKit. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger memory corruption and cause the service to crash.


38) Improper input validation (CVE-ID: CVE-2018-4232)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website, bypass security restrictions and cause cookies to be overwritten.


39) Memory corruption (CVE-ID: CVE-2018-4233)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into loading a specially crafted content, trigger a memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


40) Type confusion (CVE-ID: CVE-2018-4246)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to type confusion in the WebKit component when handling malicious input. A remote unauthenticated attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References