This issue occurs when processing maliciously crafted web content in WebKit. This may allow a remote attacker to create a specially crafted web page, trick the victim into opening it, trigger type confusion, and execute arbitrary code on the target system.
Created webkit2gtk3 tracking bugs for this issue: Affects: fedora-all [bug 2169936] Created webkitgtk tracking bugs for this issue: Affects: fedora-all [bug 2169935]
Mitigation: set the environment variable JSC_useDFGJIT=0
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:0903 https://access.redhat.com/errata/RHSA-2023:0903
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:0902 https://access.redhat.com/errata/RHSA-2023:0902