oss-sec mailing list archives
Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0009
From: Carlos Alberto Lopez Perez <clopez () igalia com>
Date: Tue, 20 Sep 2022 14:19:08 +0200
On 19/09/2022 14:44, Carlos Alberto Lopez Perez wrote:
CVE-2022-32912 Versions affected: WebKitGTK and WPE WebKit before 2.36.8. Credit to Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: An out-of-bounds read was addressed with improved bounds checking.
Just an update about this CVE: This issue doesn't affect Linux builds. Only MacOS builds are affected by this.
Current thread:
- WebKitGTK and WPE WebKit Security Advisory WSA-2022-0009 Carlos Alberto Lopez Perez (Sep 19)
- Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0009 Carlos Alberto Lopez Perez (Sep 20)