Bug 1188294 - (CVE-2021-21806) VUL-0: CVE-2021-21806: webkit2gtk3: fireEventListeners use-after-free vulnerability
VUL-0: CVE-2021-21806: webkit2gtk3: fireEventListeners use-after-free vulnera...
Status: RESOLVED DUPLICATE of bug 1188697
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P3 - Medium : Major
: ---
Assigned To: Security Team bot
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2021-07-14 06:45 UTC by Alexander Bergmann
Modified: 2021-07-26 10:12 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2021-07-14 06:45:45 UTC

An exploitable use-after-free vulnerability exists in WebKitGTK browser version
2.30.3 x64. A specially crafted HTML web page can cause a use-after-free
condition, resulting in remote code execution. The victim needs to visit a
malicious web site to trigger the vulnerability.

Comment 1 Alexander Bergmann 2021-07-14 06:48:00 UTC
There is currently no security advisory at WebKitGTK mentioning this issue.


It is unclear which version fixes this issue.
Comment 2 Robert Frohl 2021-07-26 10:12:06 UTC
closing as duplicate in favor of bsc#1188697

*** This bug has been marked as a duplicate of bug 1188697 ***