
Arch Linux alert ASA-201609-2 (webkit2gtk )

From:  Levente Polyak <anthraxx@archlinux.org>
To:  arch-security@archlinux.org
Subject:  [arch-security] [ASA-201609-2] webkit2gtk: multiple issues
Date:  Thu, 1 Sep 2016 23:43:36 +0200
Message-ID:  <fb56612e-4f20-737a-dd44-01d9f97ccc39@archlinux.org>

Arch Linux Security Advisory ASA-201609-2
=========================================

Severity: Critical
Date    : 2016-09-01
CVE-ID  : CVE-2016-4590 CVE-2016-4591 CVE-2016-4622 CVE-2016-4624
Package : webkit2gtk
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package webkit2gtk before version 2.12.4-1 is vulnerable to multiple
issues.

Resolution
==========

Upgrade to 2.12.4-1.

# pacman -Syu "webkit2gtk>=2.12.4-1"

The problems have been fixed upstream in version 2.12.4.

Workaround
==========

None.

Description
===========

- CVE-2016-4590 (same-origin policy bypass)

xisigr of Tencent’s Xuanwu Lab discovered a vulnerability in the way
webkit handles URLs, which allows remote attackers to bypass the Same
Origin Policy via a crafted web site.

- CVE-2016-4591 (arbitrary filesystem access)

ma.la of LINE Corporation discovered a vulnerability in the way webkit
handles the location variable, which allows remote attackers to access
the local filesystem via unspecified vectors.

- CVE-2016-4622 (arbitrary code execution)

Samuel Gross working with Trend Micro’s Zero Day Initiative discovered a
vulnerability that allows remote attackers to execute arbitrary code or
cause a denial of service (memory corruption) via a crafted web site.

- CVE-2016-4624 (arbitrary code execution)

Apple found a vulnerability that allows remote attackers to execute
arbitrary code or cause a denial of service (memory corruption) via a
crafted web site.

Impact
======

A remote attacker can execute arbitrary code, gain arbitrary filesystem
access, crash a target system or bypass same-origin policies on the
affected host.

References
==========

https://webkitgtk.org/security/WSA-2016-0005.html#CVE-201...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4...
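The advisory's only actionable fact for a fleet is the version boundary: any host whose webkit2gtk package is older than 2.12.4-1 is affected. The script below is an added example, not part of the Arch advisory or of pacman, that turns that boundary into an audit over collected `pacman -Q webkit2gtk` output. The inventory lines and host names are constructed for the example, and the version comparison is a deliberately simplified stand-in for vercmp(8): it handles an optional epoch, numeric dotted pkgver segments and a numeric pkgrel, which is enough for webkit2gtk's 2.x release numbering, but not alphanumeric suffixes such as release candidates. On a real Arch host, `vercmp` itself is the authoritative comparator.

```shell
#!/bin/sh
# Added example (not from the advisory): report hosts still running a
# webkit2gtk build older than the fixed version named in ASA-201609-2.

FIXED_VERSION="2.12.4-1"

# Simplified vercmp: prints -1, 0 or 1 for "$1 <, =, > $2".
# Accepts "[epoch:]pkgver[-pkgrel]" with purely numeric components.
vercmp_simple() {
    a=$1; b=$2
    # Epoch "E:..." wins over everything else; default epoch is 0.
    case $a in *:*) ae=${a%%:*}; a=${a#*:} ;; *) ae=0 ;; esac
    case $b in *:*) be=${b%%:*}; b=${b#*:} ;; *) be=0 ;; esac
    if [ "$ae" -lt "$be" ]; then printf '%s\n' -1; return; fi
    if [ "$ae" -gt "$be" ]; then printf '%s\n' 1; return; fi
    # Split off the pkgrel ("...-R"); an absent pkgrel is ignored, as vercmp does.
    case $a in *-*) ar=${a##*-}; a=${a%-*} ;; *) ar= ;; esac
    case $b in *-*) br=${b##*-}; b=${b%-*} ;; *) br= ;; esac
    # Walk the dotted pkgver segments; a missing segment counts as 0.
    av=$a; bv=$b
    while [ -n "$av" ] || [ -n "$bv" ]; do
        as=${av%%.*}; bs=${bv%%.*}
        case $av in *.*) av=${av#*.} ;; *) av= ;; esac
        case $bv in *.*) bv=${bv#*.} ;; *) bv= ;; esac
        : "${as:=0}" "${bs:=0}"
        if [ "$as" -lt "$bs" ]; then printf '%s\n' -1; return; fi
        if [ "$as" -gt "$bs" ]; then printf '%s\n' 1; return; fi
    done
    # Same pkgver: the pkgrel decides, if both sides carry one.
    if [ -n "$ar" ] && [ -n "$br" ]; then
        if [ "$ar" -lt "$br" ]; then printf '%s\n' -1; return; fi
        if [ "$ar" -gt "$br" ]; then printf '%s\n' 1; return; fi
    fi
    printf '%s\n' 0
}

# Reads "host pkgname version" lines on stdin (a host name prepended to
# each host's `pacman -Q webkit2gtk` output) and prints the vulnerable ones.
vulnerable_hosts() {
    while read -r host pkg ver; do
        [ "$pkg" = "webkit2gtk" ] || continue
        if [ "$(vercmp_simple "$ver" "$FIXED_VERSION")" -lt 0 ]; then
            printf '%s %s\n' "$host" "$ver"
        fi
    done
}

# Constructed sample inventory; real input would be gathered over ssh or
# from a configuration-management report.
SAMPLE_INVENTORY='web01 webkit2gtk 2.12.3-1
web02 webkit2gtk 2.12.4-1
web03 webkit2gtk 2.12.4-2
web04 webkit2gtk 2.10.9-1
web05 webkit2gtk 2.14.0-1'

# Usage: lists web01 and web04, the two hosts below 2.12.4-1.
printf '%s\n' "$SAMPLE_INVENTORY" | vulnerable_hosts
```

Note that pkgrel matters here: 2.12.4-1 is the fixed Arch build, so a host reporting 2.12.4-0 (a locally rebuilt package, say) would still be flagged, while 2.12.4-2 is not.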



