Allele Security Alert
ASA-2019-00303
Identifier(s)
ASA-2019-00303, CVE-2019-8622, WSA-2019-0003
Title
Multiple memory corruption
Vendor(s)
The WebKitGTK Team
The WPE WebKit Team
Product(s)
WebKitGTK
WPE WebKit
Affected version(s)
WebKitGTK before 2.24.0
WPE WebKit before 2.24.0
Fixed version(s)
WebKitGTK version 2.24.0
WPE WebKit version 2.24.0
Proof of concept
Unknown
Description
Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.
Technical details
Unknown
Credits
Samuel Groß (Google Project Zero)
Reference(s)
[webkit-gtk] WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003
https://lists.webkit.org/pipermail/webkit-gtk/2019-May/003502.html
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003
https://webkitgtk.org/security/WSA-2019-0003.html
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0003
https://wpewebkit.org/security/WSA-2019-0003.html
CVE-2019-8622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8622
CVE-2019-8622
https://nvd.nist.gov/vuln/detail/CVE-2019-8622
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: May 24, 2019