Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
EUVDB-ID: #VU53782
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2021-21775
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a use-after-free error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU53497
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2021-21779
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU52814
Risk: Critical
CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2021-30663
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow in WebKit. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Note, the vulnerability is being actively exploited in the wild.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
EUVDB-ID: #VU52815
Risk: Critical
CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2021-30665
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Note, the vulnerability is being actively exploited in the wild.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
EUVDB-ID: #VU53499
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30689
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
Description
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in WebKit. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU53502
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30720
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists in WebKit due to the way the component handles links to internal resources. A remote attacker can create a specially crafted web page and trick the application into connecting to arbitrary internal addresses.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU53501
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30734
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU53496
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30744
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
Description
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in WebKit. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU53500
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30749
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content within the KeyframeEffect class in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU55217
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30758
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in WebKit. A remote attacker can trick the victim into opening a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU55218
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30795
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a use-after-free error when processing HTML content in WebKit. A remote attacker can create a specially crafted website, trick the victim into visiting it, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU55219
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30797
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input in WebKit. A remote attacker can trick the victim into visiting a specially crafted website and execute arbitrary code on the system.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU55220
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30799
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation
Update the affected package webkit2gtk3 to the latest version.
Vulnerable software versions
SUSE Manager Proxy: 4.0
SUSE Manager Retail Branch Server: 4.0
SUSE Manager Server: 4.0
SUSE Linux Enterprise Server for SAP: 15 - 15-SP1
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP1-LTSS
SUSE Enterprise Storage: 6
SUSE CaaS Platform: 4.0
SUSE Linux Enterprise Server: 15-LTSS - 15-SP1-LTSS
libwebkit2gtk3-lang: before 2.32.3-3.77.3
libsoup-lang: before 2.62.2-17.8.1
webkit2gtk3-devel: before 2.32.3-3.77.3
webkit2gtk3-debugsource: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles-debuginfo: before 2.32.3-3.77.3
webkit2gtk-4_0-injected-bundles: before 2.32.3-3.77.3
typelib-1_0-WebKit2WebExtension-4_0: before 2.32.3-3.77.3
typelib-1_0-WebKit2-4_0: before 2.32.3-3.77.3
typelib-1_0-Soup-2_4: before 2.62.2-17.8.1
typelib-1_0-JavaScriptCore-4_0: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37-debuginfo: before 2.32.3-3.77.3
libwebkit2gtk-4_0-37: before 2.32.3-3.77.3
libsoup-devel: before 2.62.2-17.8.1
libsoup-debugsource: before 2.62.2-17.8.1
libsoup-2_4-1-debuginfo: before 2.62.2-17.8.1
libsoup-2_4-1: before 2.62.2-17.8.1
libjavascriptcoregtk-4_0-18-debuginfo: before 2.32.3-3.77.3
libjavascriptcoregtk-4_0-18: before 2.32.3-3.77.3
http://www.suse.com/support/update/announcement/2021/suse-su-20212762-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.