[arch-security] [ASA-201609-2] webkit2gtk: multiple issues
Arch Linux Security Advisory ASA-201609-2
=========================================

Severity: Critical
Date    : 2016-09-01
CVE-ID  : CVE-2016-4590 CVE-2016-4591 CVE-2016-4622 CVE-2016-4624
Package : webkit2gtk
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package webkit2gtk before version 2.12.4-1 is vulnerable to multiple issues.

Resolution
==========

Upgrade to 2.12.4-1.

# pacman -Syu "webkit2gtk>=2.12.4-1"

The problems have been fixed upstream in version 2.12.4.

Workaround
==========

None.

Description
===========

- CVE-2016-4590 (same-origin policy bypass)

xisigr of Tencent's Xuanwu Lab discovered a vulnerability in the way WebKit handles URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

- CVE-2016-4591 (arbitrary filesystem access)

ma.la of LINE Corporation discovered a vulnerability in the way WebKit handles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.

- CVE-2016-4622 (arbitrary code execution)

Samuel Gross, working with Trend Micro's Zero Day Initiative, discovered a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

- CVE-2016-4624 (arbitrary code execution)

Apple discovered a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Impact
======

A remote attacker can execute arbitrary code, gain arbitrary filesystem access, crash the application or bypass the same-origin policy on the affected host.

References
==========

https://webkitgtk.org/security/WSA-2016-0005.html#CVE-2016-4591
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4591
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4624
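As an added example (not part of the Arch advisory or of pacman), the script below decides whether this advisory applies to a host by reading `pacman -Q` output and ordering the installed webkit2gtk version against the fixed version 2.12.4-1. It reimplements pacman's vercmp ordering (epoch first, then pkgver, then pkgrel; numeric segments are newer than alphabetic ones, and a trailing alphabetic segment such as `rc1` marks the older version) so that it can run anywhere, e.g. over `pacman -Q` output collected from many hosts. The `SAMPLE_PACMAN_Q` lines are constructed, and `check.py` is a hypothetical file name; on a live Arch host you can also just use the `vercmp` binary shipped with pacman.

```python
import re
import sys

# Facts taken from ASA-201609-2: affected package and first fixed version.
ADVISORY = {"package": "webkit2gtk", "fixed": "2.12.4-1"}

# Constructed sample of `pacman -Q` output (not captured from a real host).
SAMPLE_PACMAN_Q = """\
glib2 2.48.2-1
webkit2gtk 2.12.3-1
"""


def parse_archver(v):
    """Split an Arch version string into (epoch, pkgver, pkgrel).

    '1:2.12.4-1' -> (1, '2.12.4', '1'); '2.12.4' -> (0, '2.12.4', None).
    """
    epoch = 0
    if ":" in v:
        e, v = v.split(":", 1)
        epoch = int(e)
    pkgrel = None
    if "-" in v:
        v, pkgrel = v.rsplit("-", 1)
    return epoch, v, pkgrel


def _segments(s):
    # Tokenise like rpmvercmp: maximal runs of digits or of letters; everything
    # else ('.', '_', '+') is a separator and is dropped.
    return re.findall(r"[0-9]+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Order two pkgver/pkgrel strings the way pacman's rpmvercmp does.

    Returns -1, 0 or 1. Numeric segments compare as integers, alphabetic
    segments lexically, a numeric segment is newer than an alphabetic one,
    and when one string runs out, a leftover alphabetic segment (e.g. 'rc1')
    marks the OLDER version while a leftover numeric segment marks the newer.
    """
    if a == b:
        return 0
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            ix, iy = int(x), int(y)
            if ix != iy:
                return -1 if ix < iy else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return -1 if x < y else 1
    if len(sa) == len(sb):
        return 0
    if len(sa) < len(sb):
        return 1 if sb[len(sa)].isalpha() else -1
    return -1 if sa[len(sb)].isalpha() else 1


def vercmp(a, b):
    """Full pacman ordering: epoch, then pkgver, then pkgrel (only if both have one)."""
    ea, va, ra = parse_archver(a)
    eb, vb, rb = parse_archver(b)
    if ea != eb:
        return -1 if ea < eb else 1
    r = rpmvercmp(va, vb)
    if r == 0 and ra is not None and rb is not None:
        r = rpmvercmp(ra, rb)
    return r


def audit(pacman_q_output, advisory=ADVISORY):
    """Scan `pacman -Q` lines ('name version') for the advisory's package.

    Returns None if the package is not installed, otherwise a dict with the
    installed version and whether it is older than the fixed version.
    """
    for line in pacman_q_output.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        name, ver = parts
        if name == advisory["package"]:
            return {"installed": ver,
                    "vulnerable": vercmp(ver, advisory["fixed"]) < 0}
    return None


if __name__ == "__main__":
    # Real data when piped in (hypothetical file name):
    #   pacman -Q webkit2gtk | python3 check.py
    # otherwise the constructed sample is used.
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_PACMAN_Q
    result = audit(data)
    if result is None:
        print("%s not installed: advisory does not apply" % ADVISORY["package"])
    elif result["vulnerable"]:
        print("%s %s is older than %s: VULNERABLE, upgrade"
              % (ADVISORY["package"], result["installed"], ADVISORY["fixed"]))
    else:
        print("%s %s is at or above %s: fixed"
              % (ADVISORY["package"], result["installed"], ADVISORY["fixed"]))
```

The ordering rules matter here: a naive string or tuple comparison would rank a hypothetical `2.12.4rc1-1` above `2.12.4-1` and would ignore an epoch, and either mistake turns a vulnerable host into a false "fixed".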
participants (1)
- Levente Polyak