Errata ALT-PU-2021-2878-1: Information

Package name: libwebkitgtk4
Version: 2.32.4-alt1
Bulletin updated: Sept. 24, 2021
Task: #284327

Fixes

Published: Dec. 25, 2021
Modified: Feb. 5, 2022

CVE-2021-45481

In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Dec. 25, 2021
Modified: Feb. 5, 2022

CVE-2021-45482

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Dec. 25, 2021
Modified: Feb. 5, 2022

CVE-2021-45483

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top