Debian DSA-4724-1 : webkit2gtk - security update

critical Nessus Plugin ID 138644

Synopsis

The remote Debian host is missing a security-related update.

Description

The following vulnerabilities have been discovered in the webkit2gtk web engine :

- CVE-2020-9802 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution.

- CVE-2020-9803 Wen Xu discovered that processing maliciously crafted web content may lead to arbitrary code execution.

- CVE-2020-9805 An anonymous researcher discovered that processing maliciously crafted web content may lead to universal cross site scripting.

- CVE-2020-9806 Wen Xu discovered that processing maliciously crafted web content may lead to arbitrary code execution.

- CVE-2020-9807 Wen Xu discovered that processing maliciously crafted web content may lead to arbitrary code execution.

- CVE-2020-9843 Ryan Pickren discovered that processing maliciously crafted web content may lead to a cross site scripting attack.

- CVE-2020-9850 @jinmo123, @setuid0x0_, and @insu_yun_en discovered that a remote attacker may be able to cause arbitrary code execution.

- CVE-2020-13753 Milan Crha discovered that an attacker may be able to execute commands outside the bubblewrap sandbox.

Solution

Upgrade the webkit2gtk packages.

For the stable distribution (buster), these problems have been fixed in version 2.28.3-2~deb10u1.

See Also

https://security-tracker.debian.org/tracker/CVE-2020-9802

https://security-tracker.debian.org/tracker/CVE-2020-9803

https://security-tracker.debian.org/tracker/CVE-2020-9805

https://security-tracker.debian.org/tracker/CVE-2020-9806

https://security-tracker.debian.org/tracker/CVE-2020-9807

https://security-tracker.debian.org/tracker/CVE-2020-9843

https://security-tracker.debian.org/tracker/CVE-2020-9850

https://security-tracker.debian.org/tracker/CVE-2020-13753

https://security-tracker.debian.org/tracker/source-package/webkit2gtk

https://packages.debian.org/source/buster/webkit2gtk

https://www.debian.org/security/2020/dsa-4724

Plugin Details

Severity: Critical

ID: 138644

File Name: debian_DSA-4724.nasl

Version: 1.7

Type: local

Agent: unix

Published: 7/20/2020

Updated: 5/13/2022

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:H/RL:OF/RC:C

CVSS Score Source: CVE-2020-9850

CVSS v3

Risk Factor: Critical

Base Score: 10

Temporal Score: 9.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:webkit2gtk, cpe:/o:debian:debian_linux:10.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/15/2020

Vulnerability Publication Date: 6/9/2020

Exploitable With

Metasploit (Safari in Operator Side Effect Exploit)

Reference Information

CVE: CVE-2020-13753, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850

DSA: 4724