Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 20 Sep 2022 14:19:08 +0200
From: Carlos Alberto Lopez Perez <clopez@...lia.com>
To: webkit-gtk@...ts.webkit.org, webkit-wpe@...ts.webkit.org
Cc: security@...kit.org, distributor-list@...me.org,
 oss-security@...ts.openwall.com, bugtraq@...urityfocus.com
Subject: Re: WebKitGTK and WPE WebKit Security Advisory WSA-2022-0009


On 19/09/2022 14:44, Carlos Alberto Lopez Perez wrote:
> CVE-2022-32912
>     Versions affected: WebKitGTK and WPE WebKit before 2.36.8.
>     Credit to Jeonghoon Shin (@singi21a) at Theori working with Trend
>     Micro Zero Day Initiative.
>     Impact: Processing maliciously crafted web content may lead to
>     arbitrary code execution. Description: An out-of-bounds read was
>     addressed with improved bounds checking.

Just an update about this CVE: This issue doesn't affect Linux builds.
Only MacOS builds are affected by this.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.