8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.4%
GNOME is the default desktop environment of Rocky Linux.
The following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). (BZ#1846376, BZ#1883304)
Security Fix(es):
webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951)
webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543)
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584)
glib2: insecure permissions for files and directories (CVE-2019-13012)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.
bugzilla.redhat.com/show_bug.cgi?id=1152037
bugzilla.redhat.com/show_bug.cgi?id=1464902
bugzilla.redhat.com/show_bug.cgi?id=1671761
bugzilla.redhat.com/show_bug.cgi?id=1700002
bugzilla.redhat.com/show_bug.cgi?id=1705392
bugzilla.redhat.com/show_bug.cgi?id=1728632
bugzilla.redhat.com/show_bug.cgi?id=1728896
bugzilla.redhat.com/show_bug.cgi?id=1765627
bugzilla.redhat.com/show_bug.cgi?id=1786496
bugzilla.redhat.com/show_bug.cgi?id=1796916
bugzilla.redhat.com/show_bug.cgi?id=1802105
bugzilla.redhat.com/show_bug.cgi?id=1833787
bugzilla.redhat.com/show_bug.cgi?id=1842229
bugzilla.redhat.com/show_bug.cgi?id=1845660
bugzilla.redhat.com/show_bug.cgi?id=1846376
bugzilla.redhat.com/show_bug.cgi?id=1854290
bugzilla.redhat.com/show_bug.cgi?id=1860946
bugzilla.redhat.com/show_bug.cgi?id=1861357
bugzilla.redhat.com/show_bug.cgi?id=1861769
bugzilla.redhat.com/show_bug.cgi?id=1865718
bugzilla.redhat.com/show_bug.cgi?id=1870837
bugzilla.redhat.com/show_bug.cgi?id=1871041
bugzilla.redhat.com/show_bug.cgi?id=1876291
bugzilla.redhat.com/show_bug.cgi?id=1881312
bugzilla.redhat.com/show_bug.cgi?id=1883304
bugzilla.redhat.com/show_bug.cgi?id=1883868
bugzilla.redhat.com/show_bug.cgi?id=1886822
bugzilla.redhat.com/show_bug.cgi?id=1888407
bugzilla.redhat.com/show_bug.cgi?id=1889411
bugzilla.redhat.com/show_bug.cgi?id=1889528
bugzilla.redhat.com/show_bug.cgi?id=1901212
bugzilla.redhat.com/show_bug.cgi?id=1901214
bugzilla.redhat.com/show_bug.cgi?id=1901216
bugzilla.redhat.com/show_bug.cgi?id=1901221
bugzilla.redhat.com/show_bug.cgi?id=1903043
bugzilla.redhat.com/show_bug.cgi?id=1903568
bugzilla.redhat.com/show_bug.cgi?id=1906499
bugzilla.redhat.com/show_bug.cgi?id=1918391
bugzilla.redhat.com/show_bug.cgi?id=1919429
bugzilla.redhat.com/show_bug.cgi?id=1919432
bugzilla.redhat.com/show_bug.cgi?id=1919435
bugzilla.redhat.com/show_bug.cgi?id=1919467
bugzilla.redhat.com/show_bug.cgi?id=1921151
bugzilla.redhat.com/show_bug.cgi?id=837035
errata.rockylinux.org/RLSA-2021:1586
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.017 Low
EPSS
Percentile
87.4%