Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Mageia: 2019-0281 Security Advisory: WebKit2 Memory Corruption Risks

mageia
Calendar Grey September 15, 2019
Dist Mageia Esm H88
New releases of webkit2 packages tackle vulnerabilities, enhancing memory management to thwart potential code execution exploits. Discover additional details!
Updated webkit2 packages fix security vulnerabilities: Processing maliciously crafted web content may lead to arbitrary code execution

Summary

Updated webkit2 packages fix security vulnerabilities:
Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling (CVE-2019-8644).
Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management (CVE-2019-8649).
Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved state management (CVE-2019-8658).
Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling (CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-20...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=25377

- https://webkitgtk.org/security/WSA-2019-0004.html

- https://webkitgtk.org/2019/07/02/webkitgtk2.24.3-released.html

- https://webkitgtk.org/2019/08/28/webkitgtk2.24.4-released.html

- https://www.cve.org/CVERecord?id=CVE-2019-8644

- https://www.cve.org/CVERecord?id=CVE-2019-8649

- https://www.cve.org/CVERecord?id=CVE-2019-8658

- https://www.cve.org/CVERecord?id=CVE-2019-8666

- https://www.cve.org/CVERecord?id=CVE-2019-8669

- https://www.cve.org/CVERecord?id=CVE-2019-8671

- https://www.cve.org/CVERecord?id=CVE-2019-8672

- https://www.cve.org/CVERecord?id=CVE-2019-8673

- https://www.cve.org/CVERecord?id=CVE-2019-8676

- https://www.cve.org/CVERecord?id=CVE-2019-8677

- https://www.cve.org/CVERecord?id=CVE-2019-8678

- https://www.cve.org/CVERecord?id=CVE-2019-8679

- https://www.cve.org/CVERecord?id=CVE-2019-8680

- https://www.cve.org/CVERecord?id=CVE-2019-8681

- https://www.cve.org/CVERecord?id=CVE-2019-8683

- https://www.cve.org/CVERecord?id=CVE-2019-8684

- https://www.cve.org/CVERecord?id=CVE-2019-8686

- https://www.cve.org/CVERecord?id=CVE-2019-8687

- https://www.cve.org/CVERecord?id=CVE-2019-8688

- https://www.cve.org/CVERecord?id=CVE-2019-8689

- https://www.cve.org/CVERecord?id=CVE-2019-8690

Topics%20covered

Topics Covered

security advisory code execution cross site scripting memory corruption arbitrary code Mageia webkit2

Resolution

SRPMS

- 7/core/webkit2-2.24.4-1.mga7

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 15 Sep 2019
URL: https://advisories.mageia.org/MGASA-2019-0281.html
Type: security
CVE: CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690

Topics%20covered

Topics Covered

security advisory code execution cross site scripting memory corruption arbitrary code Mageia webkit2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here