Bug 1165528 - (CVE-2020-10018) VUL-1: CVE-2020-10018: libQtWebKit4,webkit2gtk3,webkitgtk,libqt5-qtwebkit: mishandling of the m_deferredFocusedNodeChange data structure in accessibility/AXObjectCache.cpp allows a denial of service (application crash)
(CVE-2020-10018)
VUL-1: CVE-2020-10018: libQtWebKit4,webkit2gtk3,webkitgtk,libqt5-qtwebkit: mi...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/254096/
CVSSv3.1:SUSE:CVE-2020-10018:5.3:(AV...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-03-03 09:56 UTC by Wolfgang Frisch
Modified: 2022-04-11 08:21 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
webkit-CVE-2020-10018.patch (650 bytes, patch)
2020-03-03 14:22 UTC, Wolfgang Frisch
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Wolfgang Frisch 2020-03-03 09:56:18 UTC
CVE-2020-10018

accessibility/AXObjectCache.cpp in WebKit, as used in WebKitGTK through 2.26.4
and WPE WebKit through 2.26.4, allows a denial of service (application crash)
because maintenance of the m_deferredFocusedNodeChange data structure mishandles
removal.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10018
https://trac.webkit.org/changeset/257292
https://bugs.webkit.org/show_bug.cgi?id=204342
Comment 1 Wolfgang Frisch 2020-03-03 14:22:06 UTC
Created attachment 831799 [details]
webkit-CVE-2020-10018.patch
Comment 2 Marcus Meissner 2020-03-23 07:42:31 UTC
webkit2gtk3 is gnome bugs
Comment 7 Swamp Workflow Management 2020-04-24 19:18:11 UTC
SUSE-SU-2020:1109-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1165528,1169658
CVE References: CVE-2020-10018,CVE-2020-11793
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    webkit2gtk3-2.28.1-3.49.2
SUSE Linux Enterprise Server 15-LTSS (src):    webkit2gtk3-2.28.1-3.49.2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    webkit2gtk3-2.28.1-3.49.2
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src):    webkit2gtk3-2.28.1-3.49.2
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    webkit2gtk3-2.28.1-3.49.2
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    webkit2gtk3-2.28.1-3.49.2
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    webkit2gtk3-2.28.1-3.49.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2020-04-29 10:17:47 UTC
SUSE-SU-2020:1135-1: An update that fixes 30 vulnerabilities is now available.

Category: security (important)
Bug References: 1155321,1156318,1159329,1161719,1163809,1165528,1169658
CVE References: CVE-2019-8625,CVE-2019-8710,CVE-2019-8720,CVE-2019-8743,CVE-2019-8764,CVE-2019-8766,CVE-2019-8769,CVE-2019-8771,CVE-2019-8782,CVE-2019-8783,CVE-2019-8808,CVE-2019-8811,CVE-2019-8812,CVE-2019-8813,CVE-2019-8814,CVE-2019-8815,CVE-2019-8816,CVE-2019-8819,CVE-2019-8820,CVE-2019-8823,CVE-2019-8835,CVE-2019-8844,CVE-2019-8846,CVE-2020-10018,CVE-2020-11793,CVE-2020-3862,CVE-2020-3864,CVE-2020-3865,CVE-2020-3867,CVE-2020-3868
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE OpenStack Cloud 8 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE OpenStack Cloud 7 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Server 12-SP5 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Server 12-SP4 (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Server 12-SP3-BCL (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Linux Enterprise Server 12-SP2-BCL (src):    webkit2gtk3-2.28.1-2.50.3
SUSE Enterprise Storage 5 (src):    webkit2gtk3-2.28.1-2.50.3
HPE Helion Openstack 8 (src):    webkit2gtk3-2.28.1-2.50.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2020-05-02 16:14:04 UTC
openSUSE-SU-2020:0602-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1165528,1169658
CVE References: CVE-2020-10018,CVE-2020-11793
Sources used:
openSUSE Leap 15.1 (src):    webkit2gtk3-2.28.1-lp151.2.15.2
Comment 10 Gabriele Sonnu 2022-04-11 08:21:00 UTC
Done.