Bug 2270288 (CVE-2024-23252) - CVE-2024-23252 webkit: processing malicious web content may lead to denial-of-service
Summary: CVE-2024-23252 webkit: processing malicious web content may lead to denial-of...
Keywords:
Status: NEW
Alias: CVE-2024-23252
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2274440 2274441
Blocks: 2270297
TreeView+ depends on / blocked
 
Reported: 2024-03-19 12:47 UTC by TEJ RATHI
Modified: 2024-07-24 15:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in WebKit. This flaw allows an attacker to trigger a denial of service condition by convincing a victim to visit a specially crafted website.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description TEJ RATHI 2024-03-19 12:47:14 UTC
Processing web content may lead to a denial-of-service. The issue was addressed with improved memory handling.
WebKit Bugzilla: 263758

Comment 2 TEJ RATHI 2024-04-11 05:24:47 UTC
Created webkitgtk tracking bugs for this issue:

Affects: fedora-all [bug 2274440]

Comment 3 TEJ RATHI 2024-04-11 05:29:01 UTC
Created webkit2gtk4.0 tracking bugs for this issue:

Affects: fedora-rawhide [bug 2274441]

Comment 4 Michael Catanzaro 2024-04-11 13:15:56 UTC
This CVE was created in error. Apple says the underlying bug is not a security issue. Seems like there was some miscommunication between the developer team and their Product Security.


Note You need to log in before you can comment on or make changes to this bug.