Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. A memory corruption issue was addressed with improved state management. Reference: https://webkitgtk.org/security/WSA-2023-0005.html
Created webkitgtk tracking bugs for this issue: Affects: fedora-all [bug 2218627]
This one is fixed by https://commits.webkit.org/260038@main
Mitigation: Because this is a WebAssembly vulnerability and WebAssembly is disabled whenever JIT is disabled, this vulnerability can be mitigated using the environment variable JavaScriptCoreUseJIT=0
Actually, better mitigation: This vulnerability can be mitigated by using the environment variable JSC_useWebAssembly=true
(In reply to Michael Catanzaro from comment #7)
> Actually, better mitigation:
>
> This vulnerability can be mitigated by using the environment variable
> JSC_useWebAssembly=true
It's not necessary to set this environment variable if you're already using JavaScriptCoreUseJIT=0 to mitigate other CVEs.
(In reply to Michael Catanzaro from comment #7)
> Actually, better mitigation:
>
> This vulnerability can be mitigated by using the environment variable
> JSC_useWebAssembly=true
Um, this should say: JSC_useWebAssembly=0
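Added example (not from this bug thread or from the WebKitGTK project): a shell check that reads a NUL-separated process environment, such as `/proc/<pid>/environ` on Linux, and reports whether either mitigation named in the comments above is in effect. The function names and status strings are hypothetical, and it assumes that only the value `0` given in the comments counts as mitigating, so the `=true` typo is flagged rather than accepted.

```shell
#!/bin/sh
# Audit one process environment for the mitigations named in this bug.
# Assumption: only the value 0 (as given in the comments) is accepted as mitigating.

# $1: NUL-separated environment file, e.g. /proc/<pid>/environ
# Prints: mitigated-jit | mitigated-wasm | ineffective-setting | unmitigated | unreadable
# Returns 0 when mitigated, 1 when not, 2 when the file cannot be read.
jsc_mitigation_status() {
    [ -r "$1" ] || { echo unreadable; return 2; }
    jit_set=no; wasm_set=no; jit=; wasm=
    # Split entries on NUL; a value containing a newline would be mis-split.
    while IFS= read -r entry; do
        case $entry in
            JavaScriptCoreUseJIT=*) jit_set=yes;  jit=${entry#*=} ;;
            JSC_useWebAssembly=*)   wasm_set=yes; wasm=${entry#*=} ;;
        esac
    done <<EOF
$(tr '\0' '\n' < "$1")
EOF
    if [ "$jit" = 0 ]; then
        echo mitigated-jit          # JIT off, so WebAssembly is off too (per the thread)
    elif [ "$wasm" = 0 ]; then
        echo mitigated-wasm         # WebAssembly off, JIT left enabled
    elif [ "$jit_set" = yes ] || [ "$wasm_set" = yes ]; then
        echo ineffective-setting    # variable present but not 0, e.g. the "=true" typo
        return 1
    else
        echo unmitigated
        return 1
    fi
}

# Build a constructed sample environment file (not captured from a real system).
# $1: output file; remaining arguments: VAR=value entries
make_sample_env() {
    out=$1; shift
    : > "$out"
    for kv in "$@"; do printf '%s\0' "$kv" >> "$out"; done
}
```

To audit a running process, pass its environment file, for example `jsc_mitigation_status /proc/<pid>/environ`; reading another user's process environment requires matching privileges, which is what the `unreadable` status reports.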
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4202 https://access.redhat.com/errata/RHSA-2023:4202
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:4201 https://access.redhat.com/errata/RHSA-2023:4201
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-32435