Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. A type confusion issue was addressed with improved checks. Reference: https://webkitgtk.org/security/WSA-2023-0005.html
Created webkitgtk tracking bugs for this issue: Affects: fedora-all [bug 2218641]
This one is fixed by https://commits.webkit.org/263909@main
Mitigation: This vulnerability can be mitigated by setting the environment variable JSC_useDFGJIT=true
(In reply to Michael Catanzaro from comment #6)
> This vulnerability can be mitigated by setting the environment variable
> JSC_useDFGJIT=true

It's not necessary to set this environment variable if you're already using JavaScriptCoreUseJIT=0 to mitigate other CVEs.
(In reply to Michael Catanzaro from comment #6)
> Mitigation:
>
> This vulnerability can be mitigated by setting the environment variable
> JSC_useDFGJIT=true

Um, this should say: JSC_useDFGJIT=0
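One way to check on a Linux host which running processes have WebKitGTK's JavaScriptCore mapped and whether their environment carries one of the settings named in the comments above. This is an added example, not part of the bug thread or of WebKit; the function names, the status labels and the `libjavascriptcoregtk` match on `/proc/<pid>/maps` are assumptions.

```shell
#!/bin/sh
# Added example. Function names and status labels are hypothetical.

# Classify one environment blob (NUL-separated, the /proc/<pid>/environ layout).
# Only the two settings named in this thread count as "mitigated".
# Limitation: variable values that contain newlines are not handled.
jsc_mitigation_status() {
    environ_file=$1
    [ -r "$environ_file" ] || { echo unreadable; return 0; }
    status=unset
    # Convert NUL separators to newlines so each VAR=value is one line.
    vars=$(tr '\0' '\n' < "$environ_file")
    while IFS= read -r line; do
        case $line in
            JSC_useDFGJIT=0|JavaScriptCoreUseJIT=0)
                status=mitigated; break ;;
            JSC_useDFGJIT=*)
                # Set, but not to the corrected value (e.g. the mistyped "true").
                status=not-as-stated ;;
        esac
    done <<EOF
$vars
EOF
    echo "$status"
}

# Print "<pid> <status>" for every process under proc_root (default /proc)
# whose memory map references the WebKitGTK JavaScriptCore library
# (assumed to appear as libjavascriptcoregtk-*.so).
# /proc/<pid>/environ holds the environment the process was started with,
# so a variable exported later in a shell does not show up for it.
scan_jsc_processes() {
    proc_root=${1:-/proc}
    for dir in "$proc_root"/[0-9]*; do
        [ -r "$dir/maps" ] || continue
        grep -q 'libjavascriptcoregtk' "$dir/maps" 2>/dev/null || continue
        echo "${dir##*/} $(jsc_mitigation_status "$dir/environ")"
    done
}

# Usage on a live host (run as root to see other users' processes):
#   scan_jsc_processes
```

Processes reported as `unset` or `not-as-stated` need a restart with the corrected variable or the fixed package before they are covered.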
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4202 https://access.redhat.com/errata/RHSA-2023:4202
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:4201 https://access.redhat.com/errata/RHSA-2023:4201
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-32439