Lucene search
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-4975.NASLHistorySep 22, 2021 - 12:00 a.m.
Debian DSA-4975-1 : webkit2gtk - security update
2021-09-2200:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-4975 advisory.
- A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)
Note that Nessus has not tested for this issue but has instead relied only on the applicationβs self-reported version number.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dsa-4975. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(153572);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/25");
script_cve_id("CVE-2021-30858");
script_xref(name:"IAVA", value:"2021-A-0414-S");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2021/11/17");
script_name(english:"Debian DSA-4975-1 : webkit2gtk - security update");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security-related update.");
script_set_attribute(attribute:"description", value:
"The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-4975
advisory.
- A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and
iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/webkit2gtk");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2021/dsa-4975");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2021-30858");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/webkit2gtk");
script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/bullseye/webkit2gtk");
script_set_attribute(attribute:"solution", value:
"Upgrade the webkit2gtk packages.
For the stable distribution (bullseye), this problem has been fixed in version 2.32.4-1~deb11u1.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-30858");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/08/24");
script_set_attribute(attribute:"patch_publication_date", value:"2021/09/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/09/22");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gir1.2-javascriptcoregtk-4.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gir1.2-webkit2-4.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjavascriptcoregtk-4.0-18");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjavascriptcoregtk-4.0-bin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libjavascriptcoregtk-4.0-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-37");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-37-gtk2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:webkit2gtk-driver");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include('audit.inc');
include('debian_package.inc');
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
var release = get_kb_item('Host/Debian/release');
if ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');
var release = chomp(release);
if (! preg(pattern:"^(10)\.[0-9]+|^(11)\.[0-9]+", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);
var pkgs = [
{'release': '10.0', 'prefix': 'gir1.2-javascriptcoregtk-4.0', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'gir1.2-webkit2-4.0', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'libjavascriptcoregtk-4.0-18', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'libjavascriptcoregtk-4.0-bin', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'libjavascriptcoregtk-4.0-dev', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'libwebkit2gtk-4.0-37', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'libwebkit2gtk-4.0-37-gtk2', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'libwebkit2gtk-4.0-dev', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'libwebkit2gtk-4.0-doc', 'reference': '2.32.4-1~deb10u1'},
{'release': '10.0', 'prefix': 'webkit2gtk-driver', 'reference': '2.32.4-1~deb10u1'},
{'release': '11.0', 'prefix': 'gir1.2-javascriptcoregtk-4.0', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'gir1.2-webkit2-4.0', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'libjavascriptcoregtk-4.0-18', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'libjavascriptcoregtk-4.0-bin', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'libjavascriptcoregtk-4.0-dev', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'libwebkit2gtk-4.0-37', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'libwebkit2gtk-4.0-37-gtk2', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'libwebkit2gtk-4.0-dev', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'libwebkit2gtk-4.0-doc', 'reference': '2.32.4-1~deb11u1'},
{'release': '11.0', 'prefix': 'webkit2gtk-driver', 'reference': '2.32.4-1~deb11u1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var release = NULL;
var prefix = NULL;
var reference = NULL;
if (!empty_or_null(package_array['release'])) release = package_array['release'];
if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (release && prefix && reference) {
if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : deb_report_get()
);
exit(0);
}
else
{
var tested = deb_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gir1.2-javascriptcoregtk-4.0 / gir1.2-webkit2-4.0 / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | libjavascriptcoregtk-4.0-bin | p-cpe:/a:debian:debian_linux:libjavascriptcoregtk-4.0-bin |
| debian | debian_linux | libjavascriptcoregtk-4.0-dev | p-cpe:/a:debian:debian_linux:libjavascriptcoregtk-4.0-dev |
| debian | debian_linux | libwebkit2gtk-4.0-37 | p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-37 |
| debian | debian_linux | libwebkit2gtk-4.0-37-gtk2 | p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-37-gtk2 |
| debian | debian_linux | libwebkit2gtk-4.0-dev | p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-dev |
| debian | debian_linux | libwebkit2gtk-4.0-doc | p-cpe:/a:debian:debian_linux:libwebkit2gtk-4.0-doc |
| debian | debian_linux | webkit2gtk-driver | p-cpe:/a:debian:debian_linux:webkit2gtk-driver |
| debian | debian_linux | 10.0 | cpe:/o:debian:debian_linux:10.0 |
| debian | debian_linux | 11.0 | cpe:/o:debian:debian_linux:11.0 |
| debian | debian_linux | gir1.2-javascriptcoregtk-4.0 | p-cpe:/a:debian:debian_linux:gir1.2-javascriptcoregtk-4.0 |
References
Related
almalinux
almalinux
Moderate: webkit2gtk3 security and bug fix update
2021-11-02 10:34:24
attackerkb
attackerkb
CVE-2021-30858
2021-08-24 00:00:00
redhat
redhat
(RHSA-2021:4686) Moderate: webkit2gtk3 security update
2021-11-16 07:41:20
(RHSA-2022:0075) Moderate: webkit2gtk3 security update
2022-01-11 09:08:18
(RHSA-2022:0059) Moderate: webkitgtk4 security update
2022-01-11 09:01:44
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0447)
2022-01-28 00:00:00
Fedora: Security Advisory for webkit2gtk3 (FEDORA-2021-edf6957b7d)
2021-10-07 00:00:00
Apple Safari Security Update (HT212808)
2021-09-14 00:00:00
ubuntu
ubuntu
WebKitGTK vulnerabilities
2021-09-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple iOS Use After Free (CVE-2021-30858)
2022-02-21 00:00:00
nessus
nessus
Oracle Linux 8 : webkit2gtk3 (ELSA-2021-4097)
2021-11-02 00:00:00
RHEL 7 : webkitgtk4 (RHSA-2022:0059)
2022-01-12 00:00:00
oraclelinux
oraclelinux
webkit2gtk3 security and bug fix update
2021-11-02 00:00:00
webkitgtk4 security update
2022-01-12 00:00:00
cve
cve
CVE-2021-30858
2021-08-24 19:15:00
mageia
mageia
Updated webkit2 packages fix security vulnerability
2021-09-29 20:22:22
Updated webkit2 packages fix security vulnerability
2021-10-29 22:32:22
osv
osv
Moderate: webkit2gtk3 security and bug fix update
2021-11-02 10:34:24
webkit2gtk vulnerabilities
2021-09-22 16:32:35
webkit2gtk - security update
2021-09-20 00:00:00
redhatcve
redhatcve
CVE-2021-30858
2021-09-20 21:33:04
debian
debian
[SECURITY] [DSA 4976-1] wpewebkit security update
2021-09-21 10:17:04
[SECURITY] [DSA 4975-1] webkit2gtk security update
2021-09-21 10:15:01
cisa_kev
cisa_kev
Apple iOS, iPadOS, macOS Use-After-Free Vulnerability
2021-11-03 00:00:00
alpinelinux
alpinelinux
CVE-2021-30858
2021-08-24 19:15:00
amazon
amazon
Medium: webkitgtk4
2022-02-03 19:30:00
rocky
rocky
webkit2gtk3 security and bug fix update
2021-11-02 10:34:24
githubexploit
githubexploit
Exploit for Use After Free in Apple Ipados
2021-10-14 01:51:39
veracode
veracode
Remote Code Execution (RCE)
2021-10-31 16:17:23
prion
prion
Design/Logic Flaw
2021-08-24 19:15:00
fedora
fedora
[SECURITY] Fedora 33 Update: webkit2gtk3-2.32.4-1.fc33
2021-10-04 01:04:10
[SECURITY] Fedora 34 Update: webkit2gtk3-2.32.4-1.fc34
2021-09-21 15:33:32
ubuntucve
ubuntucve
CVE-2021-30858
2021-08-24 00:00:00
debiancve
debiancve
CVE-2021-30858
2021-08-24 19:15:00
freebsd
freebsd
webkit2-gtk3 -- multiple vulnerabilities
2021-09-20 00:00:00
apple
apple
About the security content of Safari 14.1.2
2021-09-13 00:00:00
About the security content of iOS 12.5.5
2021-09-23 00:00:00
About the security content of iOS 14.8 and iPadOS 14.8
2021-09-13 00:00:00
hivepro
hivepro
cisa
cisa
Apple Releases Security Updates to Address CVE-2021-30858 and CVE-2021-30860
2021-09-13 00:00:00
suse
suse
Security update for webkit2gtk3 (important)
2021-10-12 00:00:00
Security update for webkit2gtk3 (important)
2021-10-18 00:00:00
Security update for webkit2gtk3 (important)
2022-02-17 00:00:00
thn
thn
Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware
2021-09-14 04:35:00
CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog
2022-08-29 04:23:00
qualysblog
qualysblog
threatpost
threatpost
Apple Patches 3 More Zero-Days Under Active Attack
2021-09-24 11:29:27
malwarebytes
malwarebytes
Update now! Apple patches another privilege escalation bug in iOS and iPadOS
2021-10-12 16:07:53
gentoo
gentoo
WebkitGTK+: Multiple vulnerabilities
2022-02-01 00:00:00
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Donβt Know
2022-04-19 00:00:00
Related for DEBIAN_DSA-4975.NASL