Bug 1077535 – VUL-0: webkit2gtk3: various security fixed in WSA-2018-0002

Bug 1077535 - (CVE-2017-7153) VUL-0: webkit2gtk3: various security fixed in WSA-2018-0002

(CVE-2017-7153)
Summary:	VUL-0: webkit2gtk3: various security fixed in WSA-2018-0002

Status:	RESOLVED FIXED
Duplicates:	CVE-2017-7160 (view as bug list)

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	CVSSv3:NVD:CVE-2017-7160:8.8:(AV:N/AC...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2018-01-25 06:10 UTC by Marcus Meissner
Modified:	2019-05-01 14:06 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2018-01-25 06:10:45 UTC

via oss-sec

------------------------------------------------------------------------
WebKitGTK+ Security Advisory                               WSA-2018-0002
------------------------------------------------------------------------

Date reported      : January 24, 2018
Advisory ID        : WSA-2018-0002
Advisory URL       : https://webkitgtk.org/security/WSA-2018-0002.html
CVE identifiers    : CVE-2018-4088, CVE-2018-4089, CVE-2018-4096,
                     CVE-2017-7153, CVE-2017-7160, CVE-2017-7161,
                     CVE-2017-7165, CVE-2017-13884, CVE-2017-13885.

Several vulnerabilities were discovered in WebKitGTK+.

CVE-2018-4088
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to Jeonghoon Shin of Theori.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed with improved memory handling.

CVE-2018-4089
    Versions affected: WebKitGTK+ before 2.18.4.
    Credit to Ivan Fratric of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed with improved memory handling.

CVE-2018-4096
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to OSS-Fuzz.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed with improved memory handling.

CVE-2017-7153
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to Jerry Decime.
    Impact: Visiting a malicious website may lead to user interface
    spoofing. Description: Redirect responses to 401 Unauthorized may
    allow a malicious website to incorrectly display the lock icon on
    mixed content. This issue was addressed through improved URL display
    logic.

CVE-2017-7160
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to Richard Zhu (fluorescence) working with Trend Micro's Zero
    Day Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed with improved memory handling.

CVE-2017-7161
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to Mitin Svyat.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: A command injection issue
    existed in Web Inspector. This issue was addressed through improved
    escaping of special characters.

CVE-2017-7165
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to 360 Security working with Trend Micro's Zero Day
    Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed with improved memory handling.

CVE-2017-13884
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to 360 Security working with Trend Micro's Zero Day
    Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed with improved memory handling.

CVE-2017-13885
    Versions affected: WebKitGTK+ before 2.18.6.
    Credit to 360 Security working with Trend Micro's Zero Day
    Initiative.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed with improved memory handling.


We recommend updating to the last stable version of WebKitGTK+. It is
the best way of ensuring that you are running a safe version of
WebKitGTK+. Please check our website for information about the last
stable releases.

Further information about WebKitGTK+ Security Advisories can be found
at: https://webkitgtk.org/security.html

Comment 1 Karol Babioch 2018-01-26 16:26:51 UTC

*** Bug 1075775 has been marked as a duplicate of this bug. ***

Comment 5 Swamp Workflow Management 2018-10-24 16:43:48 UTC

SUSE-SU-2018:3387-1: An update that fixes 40 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1075775,1077535,1079512,1088182,1088932,1092278,1092279,1092280,1095611,1096060,1096061,1097693,1101999,1102530,1104169
CVE References: CVE-2017-13884,CVE-2017-13885,CVE-2017-7153,CVE-2017-7160,CVE-2017-7161,CVE-2017-7165,CVE-2018-11646,CVE-2018-11712,CVE-2018-11713,CVE-2018-12911,CVE-2018-4088,CVE-2018-4096,CVE-2018-4101,CVE-2018-4113,CVE-2018-4114,CVE-2018-4117,CVE-2018-4118,CVE-2018-4119,CVE-2018-4120,CVE-2018-4121,CVE-2018-4122,CVE-2018-4125,CVE-2018-4127,CVE-2018-4128,CVE-2018-4129,CVE-2018-4133,CVE-2018-4146,CVE-2018-4161,CVE-2018-4162,CVE-2018-4163,CVE-2018-4165,CVE-2018-4190,CVE-2018-4199,CVE-2018-4200,CVE-2018-4204,CVE-2018-4218,CVE-2018-4222,CVE-2018-4232,CVE-2018-4233,CVE-2018-4246
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    webkit2gtk3-2.20.3-2.23.8
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    webkit2gtk3-2.20.3-2.23.8
SUSE Linux Enterprise Server 12-SP3 (src):    webkit2gtk3-2.20.3-2.23.8
SUSE Linux Enterprise Desktop 12-SP3 (src):    webkit2gtk3-2.20.3-2.23.8

Comment 6 Swamp Workflow Management 2018-10-25 22:12:27 UTC

openSUSE-SU-2018:3473-1: An update that fixes 40 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1075775,1077535,1079512,1088182,1088932,1092278,1092279,1092280,1095611,1096060,1096061,1097693,1101999,1102530,1104169
CVE References: CVE-2017-13884,CVE-2017-13885,CVE-2017-7153,CVE-2017-7160,CVE-2017-7161,CVE-2017-7165,CVE-2018-11646,CVE-2018-11712,CVE-2018-11713,CVE-2018-12911,CVE-2018-4088,CVE-2018-4096,CVE-2018-4101,CVE-2018-4113,CVE-2018-4114,CVE-2018-4117,CVE-2018-4118,CVE-2018-4119,CVE-2018-4120,CVE-2018-4121,CVE-2018-4122,CVE-2018-4125,CVE-2018-4127,CVE-2018-4128,CVE-2018-4129,CVE-2018-4133,CVE-2018-4146,CVE-2018-4161,CVE-2018-4162,CVE-2018-4163,CVE-2018-4165,CVE-2018-4190,CVE-2018-4199,CVE-2018-4200,CVE-2018-4204,CVE-2018-4218,CVE-2018-4222,CVE-2018-4232,CVE-2018-4233,CVE-2018-4246
Sources used:
openSUSE Leap 42.3 (src):    webkit2gtk3-2.20.3-11.1

Comment 7 Karol Babioch 2018-10-30 15:37:05 UTC

Fixed and released, closing bug.