WebKitGTK+ Security Advisory WSA-2017-0006

Several vulnerabilities were discovered in WebKitGTK+.

  • CVE-2017-7006
    • Versions affected: WebKitGTK+ before 2.16.2.
    • Credit to David Kohlbrenner of UC San Diego, an anonymous researcher.
    • Impact: A malicious website may exfiltrate data cross-origin. Description: Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered.
  • CVE-2017-7011
    • Versions affected: WebKitGTK+ before 2.16.3.
    • Credit to xisigr of Tencent’s Xuanwu Lab (tencent.com).
    • Impact: Visiting a malicious website may lead to address bar spoofing. Description: A state management issue was addressed with improved frame handling.
  • CVE-2017-7012
    • Versions affected: WebKitGTK+ before 2.16.2.
    • Credit to Apple.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7018
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to lokihardt of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7019
    • Versions affected: WebKitGTK+ before 2.16.2.
    • Credit to Zhiyang Zeng of Tencent Security Platform Department.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7020
    • Versions affected: WebKitGTK+ before 2.16.1.
    • Credit to likemeng of Baidu Security Lab.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7030
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to chenqin of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室).
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7034
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to chenqin of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室).
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7037
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to lokihardt of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7038
    • Versions affected: WebKitGTK+ before 2.16.2.
    • Credit to Neil Jenkins of FastMail Pty Ltd, Egor Karbutov (@ShikariSenpai) of Digital Security and Egor Saltykov (@ansjdnakjdnajkd) of Digital Security.
    • Impact: Processing maliciously crafted web content with DOMParser may lead to cross-site scripting. Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management.
  • CVE-2017-7039
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to Ivan Fratric of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7040
    • Versions affected: WebKitGTK+ before 2.16.3.
    • Credit to Ivan Fratric of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7041
    • Versions affected: WebKitGTK+ before 2.16.2.
    • Credit to Ivan Fratric of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7042
    • Versions affected: WebKitGTK+ before 2.16.2.
    • Credit to Ivan Fratric of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7043
    • Versions affected: WebKitGTK+ before 2.16.2.
    • Credit to Ivan Fratric of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7046
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to Ivan Fratric of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7048
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to Ivan Fratric of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7049
    • Versions affected: WebKitGTK+ before 2.16.2.
    • Credit to Ivan Fratric of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed through improved memory handling.
  • CVE-2017-7052
    • Versions affected: WebKitGTK+ before 2.16.4.
    • Credit to cc working with Trend Micro’s Zero Day Initiative.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7055
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to The UK’s National Cyber Security Centre (NCSC).
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7056
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to lokihardt of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7059
    • Versions affected: WebKitGTK+ before 2.16.3.
    • Credit to an anonymous researcher.
    • Impact: Processing maliciously crafted web content with DOMParser may lead to cross-site scripting. Description: A logic issue existed in the handling of DOMParser. This issue was addressed with improved state management.
  • CVE-2017-7061
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to lokihardt of Google Project Zero.
    • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling.
  • CVE-2017-7064
    • Versions affected: WebKitGTK+ before 2.16.6.
    • Credit to lokihardt of Google Project Zero.
    • Impact: An application may be able to read restricted memory. Description: A memory initialization issue was addressed through improved memory handling.

We recommend updating to the latest stable version of WebKitGTK+. It is the best way to ensure that you are running a safe version of WebKitGTK+. Please check our website for information about the latest stable releases.

Further information about WebKitGTK+ Security Advisories can be found at: https://webkitgtk.org/security.html