Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.3636 WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0008 22 November 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: WebKitGTK+ WPE WebKit Publisher: Webkit Operating System: Windows UNIX variants (UNIX, Linux, OSX) Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Cross-site Scripting -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-4416 CVE-2018-4392 CVE-2018-4386 CVE-2018-4382 CVE-2018-4378 CVE-2018-4376 CVE-2018-4375 CVE-2018-4373 CVE-2018-4372 CVE-2018-4345 Reference: ESB-2018.3353.2 ESB-2018.3352.2 ESB-2018.3048 ESB-2018.2859 Original Bulletin: https://webkitgtk.org/security/WSA-2018-0008.html https://wpewebkit.org/security/WSA-2018-0008.html - --------------------------BEGIN INCLUDED TEXT-------------------- - ------------------------------------------------------------------------ WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0008 - ------------------------------------------------------------------------ Date reported : November 21, 2018 Advisory ID : WSA-2018-0008 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0008.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0008.html CVE identifiers : CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, CVE-2018-4416. Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. CVE-2018-4345 Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1. Credit to an anonymous researcher. A cross-site scripting issue existed in WebKit. This issue was addressed with improved URL validation. CVE-2018-4372 Versions affected: WebKitGTK+ before 2.22.4 and WPE WebKit before 2.22.2. Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4373 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to ngg, alippai, DirtYiCE, KT of Tresorit working with Trend Micro=FFs Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4375 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to Yu Haiwan and Wu Hongjun From Nanyang Technological University working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4376 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to 010 working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4378 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to an anonymous researcher, zhunki of 360 ESG Codesafe Team. Processing maliciously crafted web content may lead to code execution. A memory corruption issue was addressed with improved validation. CVE-2018-4382 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4386 Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before 2.22.1. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4392 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to zhunki of 360 ESG Codesafe Team. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4416 Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before 2.22.0. Credit to lokihardt of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK+ and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK+ and WPE WebKit team, November 21, 2018 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW/Yn/2aOgq3Tt24GAQjyNA/7BBSy5iYLxmCdSuKwS+3jNuaXDkIkV9Pd W/JOADxoVLl8xX3glusIzNX5I5EhyrNXY0Qt4AWp7XFzgDuCpJ5/q5mfkYZdVGtl M+hSifFycxc1uFGFXznSReKPHi/1UnMPkBNrs397WqwjMtNJ5tqAPH705ezlOPmn 9fpoHT0w9bqJ9ZYvLfbI35iSPxnvg0EdJ51RD581W/CileghZ9g2SAQ3sINCCfH2 jHn1yXr2GyLMg14Xze4K5DVGXJTmwUCF8X824dFw1N4wp7cr3wMRz57S5c0HdKq/ gcwPjkdtZAQP2HNX3t+rby0WzSIhxpZoo63W/84pf73jgcTTcp2n76RpztZg05JS KkKDf2LFd9MHsYhQhaVa6MFbIgsDEykgUBnfnXVQa7mSCEtrDLuT8pB6oPZu//ww LRs8BkK15NvFyrhTido/lnDJqhUxoblUK02Qk7DOG1bCVZovPBIdDJfRFwG37SqV 4LDUhh+9mwSKRV2AbkmHeqcZdzkkdLZjM0EYX0ZqCebg/WMCsqnCWlkFKrLpIG08 SCMHm29F49NpQIE77hXn7hmKwDNnGbLz8Acjc3/heejitY85IYgbI7H42lGEriEF qcFvZQdRQiCv2kEx0Nrj9FlPHZJPe87MihA7lcOxt5fPfBAL8K4f+lihhQ3xVQjT JRkkC7v6lYI= =Apw0 -----END PGP SIGNATURE-----