Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.
Executive summary
The WebKit browser engine contains multiple vulnerabilities in various functions of the software. A malicious web page code could trigger multiple use-after-free errors, which could lead to remote and arbitrary code execution. An attacker could exploit these vulnerabilities by tricking the user into visiting a specially crafted, malicious web page on a browser utilizing WebKit.
In accordance with our coordinated disclosure policy, Cisco Talos worked with WebKit to ensure that these issues are resolved and that an update is available for affected customers.
Vulnerability details
Webkit WebSocket code execution vulnerability (TALOS-2020-1155/CVE-2020-13543)
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a web page to trigger this vulnerability.
For more information on this vulnerability, read the complete advisory here.
Webkit ImageDecoderGStreamer use-after-free vulnerability (TALOS-2020-1195/CVE-2020-13584)
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger this vulne ..
Support the originator by clicking the read the rest link below.
