ALT-PU-2022-1740-1
Package libwebkitgtk4 updated to version 2.36.1-alt1 for branch sisyphus in task 298842.
Closed vulnerabilities
Published: 2022-05-06
BDU:2022-04287
Уязвимость функции WebCore::TextureMapperLayer::setContentsLayer модулей отображения веб-страниц WebKitGTK и WPE WebKit, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2022-05-06
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-30293
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- [oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005
- [oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005
- https://bugs.webkit.org/show_bug.cgi?id=237187
- https://bugs.webkit.org/show_bug.cgi?id=237187
- https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0
- https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0
- GLSA-202208-39
- GLSA-202208-39
- DSA-5154
- DSA-5154
- DSA-5155
- DSA-5155