Bugzilla – Bug 1205122
VUL-0: CVE-2022-32923: webkitgtk: A correctness issue in the JIT was addressed with improved checks
Last modified: 2022-11-30 08:08:00 UTC
CVE-2022-32923 Versions affected: WebKitGTK and WPE WebKit before 2.38.0. Credit to Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab. Impact: Processing maliciously crafted web content may disclose internal states of the app. Description: A correctness issue in the JIT was addressed with improved checks. References: https://bugzilla.redhat.com/show_bug.cgi?id=2140502 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32923 http://www.openwall.com/lists/oss-security/2022/11/04/4 https://www.cve.org/CVERecord?id=CVE-2022-32923 https://support.apple.com/en-us/HT213492 https://support.apple.com/en-us/HT213491 https://support.apple.com/en-us/HT213490 https://support.apple.com/en-us/HT213495 https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213488
SUSE-SU-2022:4207-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1205120,1205121,1205122,1205123,1205124 CVE References: CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824 JIRA References: Sources used: openSUSE Leap 15.4 (src): webkit2gtk3-2.38.2-150400.4.22.1, webkit2gtk3-soup2-2.38.2-150400.4.22.1, webkit2gtk4-2.38.2-150400.4.22.1 SUSE Linux Enterprise Module for Development Tools 15-SP4 (src): webkit2gtk4-2.38.2-150400.4.22.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (src): webkit2gtk3-2.38.2-150400.4.22.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): webkit2gtk3-soup2-2.38.2-150400.4.22.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4285-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1205120,1205121,1205122,1205123,1205124 CVE References: CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824 JIRA References: Sources used: openSUSE Leap 15.4 (src): webkit2gtk3-2.38.2-150200.54.2 openSUSE Leap 15.3 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Manager Server 4.1 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Manager Retail Branch Server 4.1 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Manager Proxy 4.1 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Server for SAP 15-SP2 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Server 15-SP2-LTSS (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Server 15-SP2-BCL (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): webkit2gtk3-2.38.2-150200.54.2 SUSE Enterprise Storage 7 (src): webkit2gtk3-2.38.2-150200.54.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4283-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1205120,1205121,1205122,1205123,1205124 CVE References: CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): webkit2gtk3-2.38.2-2.120.1 SUSE OpenStack Cloud 9 (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server 12-SP5 (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): webkit2gtk3-2.38.2-2.120.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): webkit2gtk3-2.38.2-2.120.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4284-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1205120,1205121,1205122,1205123,1205124 CVE References: CVE-2022-32888,CVE-2022-32923,CVE-2022-42799,CVE-2022-42823,CVE-2022-42824 JIRA References: Sources used: SUSE Linux Enterprise Server for SAP 15-SP1 (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise Server for SAP 15 (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise Server 15-LTSS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE Enterprise Storage 6 (src): webkit2gtk3-2.38.2-150000.3.122.1 SUSE CaaS Platform 4.0 (src): webkit2gtk3-2.38.2-150000.3.122.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.