Bug 2270151 (CVE-2014-1745)
| Summary: | CVE-2014-1745 webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marco Benatto <mbenatto> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A use-after-free vulnerability was found in the SVG implementation within WebKitGTK. This flaw allows remote attackers to exploit the removal of an SVGFontFaceElement object, which occurs through specific vectors that trigger the deletion of the object during rendering.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2270152 | ||
| Bug Blocks: | 2269740 | ||
|
Description
Marco Benatto
2024-03-18 16:05:33 UTC
Created webkitgtk tracking bugs for this issue: Affects: fedora-all [bug 2270152] This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2126 https://access.redhat.com/errata/RHSA-2024:2126 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:2982 https://access.redhat.com/errata/RHSA-2024:2982 |