An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free.

#### Bugs

* <https://bugs.chromium.org/p/project-zero/issues/detail?id=1553>

#### Notes

Author | Note
---|---
[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see <https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit> webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8

#### Affected Package

OS | OS Version | Package Name | Package Version
---|---|---|---
ubuntu | Upstream | qtwebkit | any
ubuntu | Upstream | qtwebkit-opensource-src | any
ubuntu | 21.10 | qtwebkit-opensource-src | any
ubuntu | 20.04 | qtwebkit-opensource-src | any
ubuntu | 18.04 | qtwebkit-opensource-src | any
ubuntu | 16.04 | qtwebkit-opensource-src | any
ubuntu | 14.04 | qtwebkit-opensource-src | any
ubuntu | Upstream | qtwebkit-source | any
ubuntu | 18.04 | qtwebkit-source | any
ubuntu | 16.04 | qtwebkit-source | any
ubuntu | 14.04 | qtwebkit-source | any
ubuntu | Upstream | webkit2gtk | 2.20.3
ubuntu | 18.04 | webkit2gtk | 2.20.3-0ubuntu0.18.04.1
ubuntu | 16.04 | webkit2gtk | 2.20.3-0ubuntu0.16.04.1
ubuntu | Upstream | webkitgtk | any
ubuntu | 18.04 | webkitgtk | any
ubuntu | 16.04 | webkitgtk | any
ubuntu | 14.04 | webkitgtk | any