Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2020-2304.NASLHistoryJan 25, 2021 - 12:00 a.m.
openSUSE Security Update : webkit2gtk3 (openSUSE-2020-2304)
2021-01-2500:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
80
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.7%
This update for webkit2gtk3 fixes the following issues :
-webkit2gtk3 was updated to version 2.30.3 (bsc#1179122 bsc#1179451) :
-
CVE-2021-13543: Fixed a use after free which could have led to arbitrary code execution.
-
CVE-2021-13584: Fixed a use after free which could have led to arbitrary code execution.
-
CVE-2021-9948: Fixed a type confusion which could have led to arbitrary code execution.
-
CVE-2021-9951: Fixed a use after free which could have led to arbitrary code execution.
-
CVE-2021-9983: Fixed an out of bounds write which could have led to arbitrary code execution.
-
Have the libwebkit2gtk package require libjavascriptcoregtk of the same version (bsc#1171531).
-
Enable c_loop on aarch64: currently needed for compilation to succeed with JIT disabled. Also disable sampling profiler, since it conflicts with c_loop (bsc#1177087).
This update was imported from the SUSE:SLE-15:Update update project.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2020-2304.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('compat.inc');
if (description)
{
script_id(145374);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/26");
script_cve_id(
"CVE-2020-13543",
"CVE-2020-13584",
"CVE-2020-9948",
"CVE-2020-9951",
"CVE-2020-9983",
"CVE-2021-13543",
"CVE-2021-13584",
"CVE-2021-9948",
"CVE-2021-9951",
"CVE-2021-9983"
);
script_name(english:"openSUSE Security Update : webkit2gtk3 (openSUSE-2020-2304)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"This update for webkit2gtk3 fixes the following issues :
-webkit2gtk3 was updated to version 2.30.3 (bsc#1179122 bsc#1179451) :
- CVE-2021-13543: Fixed a use after free which could have
led to arbitrary code execution.
- CVE-2021-13584: Fixed a use after free which could have
led to arbitrary code execution.
- CVE-2021-9948: Fixed a type confusion which could have
led to arbitrary code execution.
- CVE-2021-9951: Fixed a use after free which could have
led to arbitrary code execution.
- CVE-2021-9983: Fixed an out of bounds write which could
have led to arbitrary code execution.
- Have the libwebkit2gtk package require
libjavascriptcoregtk of the same version (bsc#1171531).
- Enable c_loop on aarch64: currently needed for
compilation to succeed with JIT disabled. Also disable
sampling profiler, since it conflicts with c_loop
(bsc#1177087).
This update was imported from the SUSE:SLE-15:Update update project.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1171531");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1177087");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1179122");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1179451");
script_set_attribute(attribute:"solution", value:
"Update the affected webkit2gtk3 packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-9983");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/16");
script_set_attribute(attribute:"patch_publication_date", value:"2020/12/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/01/25");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit-jsc-4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE15.1", reference:"libjavascriptcoregtk-4_0-18-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"libjavascriptcoregtk-4_0-18-debuginfo-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"libwebkit2gtk-4_0-37-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"libwebkit2gtk-4_0-37-debuginfo-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"libwebkit2gtk3-lang-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"typelib-1_0-JavaScriptCore-4_0-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"typelib-1_0-WebKit2-4_0-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"typelib-1_0-WebKit2WebExtension-4_0-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"webkit-jsc-4-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"webkit-jsc-4-debuginfo-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"webkit2gtk-4_0-injected-bundles-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"webkit2gtk-4_0-injected-bundles-debuginfo-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"webkit2gtk3-debugsource-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"webkit2gtk3-devel-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"webkit2gtk3-minibrowser-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"webkit2gtk3-minibrowser-debuginfo-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libjavascriptcoregtk-4_0-18-32bit-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libwebkit2gtk-4_0-37-32bit-2.30.3-lp151.2.28.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libwebkit2gtk-4_0-37-32bit-debuginfo-2.30.3-lp151.2.28.2") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-debuginfo / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | libjavascriptcoregtk-4_0-18 | p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18 |
| novell | opensuse | libjavascriptcoregtk-4_0-18-32bit | p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit |
| novell | opensuse | libjavascriptcoregtk-4_0-18-32bit-debuginfo | p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo |
| novell | opensuse | libjavascriptcoregtk-4_0-18-debuginfo | p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo |
| novell | opensuse | libwebkit2gtk-4_0-37 | p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37 |
| novell | opensuse | libwebkit2gtk-4_0-37-32bit | p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit |
| novell | opensuse | libwebkit2gtk-4_0-37-32bit-debuginfo | p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo |
| novell | opensuse | libwebkit2gtk-4_0-37-debuginfo | p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo |
| novell | opensuse | libwebkit2gtk3-lang | p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang |
| novell | opensuse | typelib-1_0-javascriptcore-4_0 | p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-4_0 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13543
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9948
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9951
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-13543
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-13584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-9948
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-9951
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-9983
bugzilla.opensuse.org/show_bug.cgi?id=1171531
bugzilla.opensuse.org/show_bug.cgi?id=1177087
bugzilla.opensuse.org/show_bug.cgi?id=1179122
bugzilla.opensuse.org/show_bug.cgi?id=1179451
Related
suse
suse
Security update for webkit2gtk3 (important)
2020-12-21 00:00:00
Security update for webkit2gtk3 (important)
2020-12-21 00:00:00
Security update for webkit2gtk3 (important)
2022-01-25 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:3864-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3867-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2020-0441)
2022-01-28 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:3867-1)
2020-12-18 00:00:00
SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:3864-1)
2020-12-18 00:00:00
openSUSE Security Update : webkit2gtk3 (openSUSE-2020-2310)
2021-01-25 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2020-11-27 23:14:57
almalinux
almalinux
Moderate: GNOME security, bug fix, and enhancement update
2021-05-18 05:35:26
oraclelinux
oraclelinux
GNOME security, bug fix, and enhancement update
2021-05-25 00:00:00
gentoo
gentoo
WebkitGTK+: Multiple vulnerabilities
2020-12-23 00:00:00
debian
debian
[SECURITY] [DSA 4797-1] webkit2gtk security update
2020-11-24 18:45:16
archlinux
archlinux
[ASA-202011-28] webkit2gtk: arbitrary code execution
2020-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: webkit2gtk3-2.30.3-1.fc33
2020-11-29 01:27:55
[SECURITY] Fedora 32 Update: webkit2gtk3-2.30.3-1.fc32
2020-12-04 00:30:44
ubuntu
ubuntu
WebKitGTK vulnerabilities
2020-11-26 00:00:00
osv
osv
webkit2gtk vulnerabilities
2020-11-26 13:07:57
webkit2gtk - security update
2020-11-23 00:00:00
Moderate: GNOME security, bug fix, and enhancement update
2021-05-18 05:35:26
redhat
redhat
rocky
rocky
GNOME security, bug fix, and enhancement update
2021-05-18 05:35:26
apple
apple
About the security content of Safari 14.0 - Apple Support
2020-11-12 10:19:34
About the security content of Safari 14.0
2020-09-16 00:00:00
About the security content of iTunes 12.10.9 for Windows - Apple Support
2020-11-13 09:13:16
talos
talos
Webkit WebSocket code execution vulnerability
2020-11-30 00:00:00
Webkit ImageDecoderGStreamer use-after-free vulnerability
2020-11-30 00:00:00
Apple Safari/Webkit aboutBlankURL() code execution vulnerability
2020-09-30 00:00:00
prion
prion
Remote code execution
2020-12-03 17:15:00
Design/Logic Flaw
2020-12-03 17:15:00
Design/Logic Flaw
2020-10-16 17:15:00
alpinelinux
alpinelinux
cve
cve
veracode
veracode
Denial Of Service (DoS)
2021-04-29 12:13:09
Remote Code Execution (RCE)
2021-04-29 12:12:08
Remote Code Execution (RCE)
2021-04-29 12:15:30
redhatcve
redhatcve
nvd
nvd
cnvd
cnvd
WebKitGTK post-release reuse vulnerability
2020-12-04 00:00:00
ubuntucve
ubuntucve
cvelist
cvelist
debiancve
debiancve
zdi
zdi
Apple Safari replace Type Confusion Remote Code Execution Vulnerability
2020-09-21 00:00:00
kaspersky
kaspersky
KLA12007 Multiple vulnerabilities in Apple iTunes
2020-09-16 00:00:00
KLA12017 Mulitple vulnerabilities in Apple iCloud
2020-12-02 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.7%
Related for OPENSUSE-2020-2304.NASL