Lucene search

K
archlinuxArchLinuxASA-202103-24
HistoryMar 25, 2021 - 12:00 a.m.

[ASA-202103-24] webkit2gtk: multiple issues

2021-03-2500:00:00
security.archlinux.org
200
web security
webkit2gtk
arbitrary code execution
access restriction bypass
sandbox escape
information disclosure
remote attack

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.017

Percentile

88.1%

Arch Linux Security Advisory ASA-202103-24

Severity: High
Date : 2021-03-25
CVE-ID : CVE-2020-27918 CVE-2020-29623 CVE-2021-1765 CVE-2021-1789
CVE-2021-1799 CVE-2021-1801 CVE-2021-1870
Package : webkit2gtk
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1721

Summary

The package webkit2gtk before version 2.30.6-1 is vulnerable to
multiple issues including arbitrary code execution, access restriction
bypass, information disclosure and sandbox escape.

Resolution

Upgrade to 2.30.6-1.

pacman -Syu “webkit2gtk>=2.30.6-1”

The problems have been fixed upstream in version 2.30.6.

Workaround

None.

Description

  • CVE-2020-27918 (arbitrary code execution)

A security issue was discovered in WebKitGTK before 2.30.6 and WPE
WebKit before 2.30.6. Processing maliciously crafted web content may
lead to arbitrary code execution.

  • CVE-2020-29623 (information disclosure)

A security issue was discovered in WebKitGTK before 2.30.6 and WPE
WebKit before 2.30.6. “Clear History and Website Data” did not clear
the history in some circumstances.

  • CVE-2021-1765 (sandbox escape)

A security issue was discovered in WebKitGTK before 2.30.6 and WPE
WebKit before 2.30.6. Maliciously crafted web content may violate
iframe sandboxing policy.

  • CVE-2021-1789 (arbitrary code execution)

A security issue was discovered in WebKitGTK before 2.30.6 and WPE
WebKit before 2.30.6. Processing maliciously crafted web content may
lead to arbitrary code execution.

  • CVE-2021-1799 (access restriction bypass)

A security issue was discovered in WebKitGTK before 2.30.6 and WPE
WebKit before 2.30.6. A malicious website may be able to access
restricted ports on arbitrary servers.

  • CVE-2021-1801 (sandbox escape)

A security issue was discovered in WebKitGTK before 2.30.6 and WPE
WebKit before 2.30.6. Maliciously crafted web content may violate
iframe sandboxing policy.

  • CVE-2021-1870 (arbitrary code execution)

A security issue was discovered in WebKitGTK before 2.30.6 and WPE
WebKit before 2.30.6. A remote attacker may be able to cause arbitrary
code execution. Apple is aware of a report that this issue may have
been actively exploited.

Impact

A remote attacker is able to use maliciously crafted web content to
execute arbitrary code or violate the iframe policy. A malicious server
could access restricted ports.

References

https://webkitgtk.org/security/WSA-2021-0002.html#CVE-2020-27918
https://webkitgtk.org/security/WSA-2021-0002.html#CVE-2020-29623
https://webkitgtk.org/security/WSA-2021-0002.html#CVE-2021-1765
https://webkitgtk.org/security/WSA-2021-0002.html#CVE-2021-1789
https://webkitgtk.org/security/WSA-2021-0002.html#CVE-2021-1799
https://webkitgtk.org/security/WSA-2021-0002.html#CVE-2021-1801
https://webkitgtk.org/security/WSA-2021-0002.html#CVE-2021-1870
https://security.archlinux.org/CVE-2020-27918
https://security.archlinux.org/CVE-2020-29623
https://security.archlinux.org/CVE-2021-1765
https://security.archlinux.org/CVE-2021-1789
https://security.archlinux.org/CVE-2021-1799
https://security.archlinux.org/CVE-2021-1801
https://security.archlinux.org/CVE-2021-1870

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanywebkit2gtk< 2.30.6-1UNKNOWN

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.017

Percentile

88.1%