Detections
Analytics
RHEL 8 : GNOME (RHSA-2020:4451)
critical Nessus Plugin ID 142418
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4451 advisory.- webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625, CVE-2019-8813, CVE-2020-3867)
- webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710, CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)
- webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)
- webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)
- webkitgtk: Websites could reveal browsing history (CVE-2019-8769)
- webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)
- webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844)
- webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)
- webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)
- webkitgtk: use-after-free via crafted web content (CVE-2020-11793)
- gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)
- LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)
- webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)
- webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)
- webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)
- webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)
- webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)
- webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)
- webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)
- webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)
- webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)
- webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)
- webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)
- webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806, CVE-2020-9807)
- webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)
- webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)
- webkitgtk: Command injection in web inspector (CVE-2020-9862)
- webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893, CVE-2020-9895)
- webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution (CVE-2020-9894)
- webkitgtk: Access issue in content security policy (CVE-2020-9915)
- webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)
- webkitgtk: input validation issue may lead to a cross site scripting (CVE-2020-9952)
- webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30666)
- webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30761)
- webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30762)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-9952
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/cve/CVE-2021-30666
https://access.redhat.com/security/cve/CVE-2021-30761
https://access.redhat.com/security/cve/CVE-2021-30762
https://access.redhat.com/errata/RHSA-2020:4451
https://bugzilla.redhat.com/1811721
https://bugzilla.redhat.com/1816678
https://bugzilla.redhat.com/1816684
https://bugzilla.redhat.com/1816686
https://bugzilla.redhat.com/1829369
https://bugzilla.redhat.com/1853477
https://bugzilla.redhat.com/1873093
https://bugzilla.redhat.com/1876462
https://bugzilla.redhat.com/1876463
https://bugzilla.redhat.com/1876465
https://bugzilla.redhat.com/1876468
https://bugzilla.redhat.com/1876470
https://bugzilla.redhat.com/1876472
https://bugzilla.redhat.com/1876473
https://bugzilla.redhat.com/1876476
https://bugzilla.redhat.com/1876516
https://bugzilla.redhat.com/1876518
https://bugzilla.redhat.com/1876521
https://bugzilla.redhat.com/1876522
https://bugzilla.redhat.com/1876523
https://bugzilla.redhat.com/1876536
https://bugzilla.redhat.com/1876537
https://bugzilla.redhat.com/1876540
https://bugzilla.redhat.com/1876543
https://bugzilla.redhat.com/1876545
https://bugzilla.redhat.com/1876548
https://bugzilla.redhat.com/1876549
https://bugzilla.redhat.com/1876550
https://bugzilla.redhat.com/1876552
https://bugzilla.redhat.com/1876553
https://bugzilla.redhat.com/1876554
https://bugzilla.redhat.com/1876555
https://bugzilla.redhat.com/1876556
https://bugzilla.redhat.com/1876590
https://bugzilla.redhat.com/1876591
https://bugzilla.redhat.com/1876594
https://bugzilla.redhat.com/1876607
https://bugzilla.redhat.com/1876611
https://bugzilla.redhat.com/1876617
https://bugzilla.redhat.com/1876619
https://bugzilla.redhat.com/1879532
https://bugzilla.redhat.com/1879535
https://bugzilla.redhat.com/1879536
https://bugzilla.redhat.com/1879538
https://bugzilla.redhat.com/1879540
https://bugzilla.redhat.com/1879541
https://bugzilla.redhat.com/1879545
https://bugzilla.redhat.com/1879557
https://bugzilla.redhat.com/1879559
https://bugzilla.redhat.com/1879563
https://bugzilla.redhat.com/1879564
https://bugzilla.redhat.com/1879566
https://bugzilla.redhat.com/1879568
https://bugzilla.redhat.com/1901219
https://bugzilla.redhat.com/1986877
Plugin Details
Severity: Critical
ID: 142418
File Name: redhat-RHSA-2020-4451.nasl
Version: 1.12
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 11/4/2020
Updated: 5/25/2023
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent
Risk Information
VPR
Risk Factor: High
Score: 8.9
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 8.1
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2020-3899
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2020-9895
Vulnerability Information
CPE: cpe:/o:redhat:enterprise_linux:8, cpe:/o:redhat:rhel_aus:8.4, cpe:/o:redhat:rhel_aus:8.6, cpe:/o:redhat:rhel_e4s:8.4, cpe:/o:redhat:rhel_e4s:8.6, cpe:/o:redhat:rhel_eus:8.4, cpe:/o:redhat:rhel_eus:8.6, cpe:/o:redhat:rhel_tus:8.4, cpe:/o:redhat:rhel_tus:8.6, p-cpe:/a:redhat:enterprise_linux:libraw, p-cpe:/a:redhat:enterprise_linux:libraw-devel, p-cpe:/a:redhat:enterprise_linux:gnome-settings-daemon, p-cpe:/a:redhat:enterprise_linux:webkit2gtk3, p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel, p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc, p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/4/2020
Vulnerability Publication Date: 9/23/2019
CISA Known Exploited Vulnerability Due Dates: 6/13/2022
Exploitable With
Metasploit (Safari in Operator Side Effect Exploit)
Reference Information
CVE: CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-10018, CVE-2020-11793, CVE-2020-14391, CVE-2020-15503, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925