2185724 – (CVE-2023-28205) CVE-2023-28205 WebKitGTK: use-after-free leads to arbitrary code execution

Bug 2185724 (CVE-2023-28205) - CVE-2023-28205 WebKitGTK: use-after-free leads to arbitrary code execution

Summary: CVE-2023-28205 WebKitGTK: use-after-free leads to arbitrary code execution

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2023-28205
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2185729 2185730 2185734 2185735 2185736 2185737 2185738 2185739 2185740 2185741 2185742 2185743 2185744 2185745 2185746 2188632 2188633
Blocks:	2185721
TreeView+	depends on / blocked

Reported:	2023-04-11 05:51 UTC by TEJ RATHI
Modified:	2023-04-21 12:54 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the webkitgtk package. An improper input validation issue may lead to a use-after-free vulnerability. This vulnerability allows attackers with network access to pass specially crafted web content files, causing Denial of Service or Arbitrary Code Execution.
Clone Of:
Environment:
Last Closed:	2023-04-20 20:05:05 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:1918	0	None	None	None	2023-04-20 14:33:11 UTC
Red Hat Product Errata	RHSA-2023:1919	0	None	None	None	2023-04-20 15:01:09 UTC

Description TEJ RATHI 2023-04-11 05:51:08 UTC

CVE-2023-28205 (WebKit)

It is a use-after-free vulnerability that allows attackers to process maliciously crafted web content that may lead to arbitrary code execution.

By tricking targets into loading malicious websites under the control of attackers, it is possible to exploit the vulnerability, which could lead to the execution of malware on compromised systems. Maliciously designed web content can cause the execution of arbitrary code, giving attackers access to your device without your knowledge. Apple has fixed this vulnerability with improved memory management.

WebKit Bugzilla: 254797

https://seclists.org/fulldisclosure/2023/Apr/1
https://seclists.org/fulldisclosure/2023/Apr/2
https://seclists.org/fulldisclosure/2023/Apr/3

Comment 1 TEJ RATHI 2023-04-11 06:06:08 UTC

Created webkit2gtk3 tracking bugs for this issue:

Affects: fedora-all [bug 2185730]


Created webkitgtk tracking bugs for this issue:

Affects: fedora-all [bug 2185729]

Comment 8 errata-xmlrpc 2023-04-20 14:33:10 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:1918 https://access.redhat.com/errata/RHSA-2023:1918

Comment 9 errata-xmlrpc 2023-04-20 15:01:07 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:1919 https://access.redhat.com/errata/RHSA-2023:1919

Comment 10 Product Security DevOps Team 2023-04-20 20:05:03 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-28205

Note You need to log in before you can comment on or make changes to this bug.