2270288 – (CVE-2024-23252) CVE-2024-23252 webkit: processing malicious web content may lead to denial-of-service

Bug 2270288 (CVE-2024-23252) - CVE-2024-23252 webkit: processing malicious web content may lead to denial-of-service

Summary: CVE-2024-23252 webkit: processing malicious web content may lead to denial-of...

Keywords:
Status:	NEW
Alias:	CVE-2024-23252
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2274440 2274441
Blocks:	2270297
TreeView+	depends on / blocked

Reported:	2024-03-19 12:47 UTC by TEJ RATHI
Modified:	2024-04-12 09:21 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in WebKit. This flaw allows an attacker to trigger a denial of service condition by convincing a victim to visit a specially crafted website.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description TEJ RATHI 2024-03-19 12:47:14 UTC

Processing web content may lead to a denial-of-service. The issue was addressed with improved memory handling.
WebKit Bugzilla: 263758

Comment 2 TEJ RATHI 2024-04-11 05:24:47 UTC

Created webkitgtk tracking bugs for this issue:

Affects: fedora-all [bug 2274440]

Comment 3 TEJ RATHI 2024-04-11 05:29:01 UTC

Created webkit2gtk4.0 tracking bugs for this issue:

Affects: fedora-rawhide [bug 2274441]

Comment 4 Michael Catanzaro 2024-04-11 13:15:56 UTC

This CVE was created in error. Apple says the underlying bug is not a security issue. Seems like there was some miscommunication between the developer team and their Product Security.

Note You need to log in before you can comment on or make changes to this bug.