{ "threat_severity" : "Important", "public_date" : "2024-01-23T00:00:00Z", "bugzilla" : { "description" : "webkitgtk: type confusion may lead to arbitrary code execution", "id" : "2259893", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2259893" }, "cvss3" : { "cvss3_base_score" : "8.8", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-843", "details" : [ "A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processing maliciously crafted web content may lead to arbitrary code execution. This fix associated with the Coruna exploit was shipped in iOS 17.3 on January 22, 2024. This update brings that fix to devices that cannot update to the latest iOS version.", "A flaw was found in WebKitGTK. Processing malicious web content may lead to remote code execution due to a type confusion issue. This vulnerability is known to be actively exploited in the wild and was included in the CISA's KEV catalog." ], "statement" : "This flaw depends on the WebKitGTK JIT engine to be enabled. This feature has been disabled in Red Hat Enterprise Linux 8.8 and 9.2 by the errata RHSA-2023:4202 and RHSA-2023:4201. Therefore, Red Hat Enterprise Linux 8.8 and 9.2, when these errata are applied, and newer versions are not affected by this vulnerability.\nRHSA-2023:4202: https://access.redhat.com/errata/RHSA-2023:4202\nRHSA-2023:4201: https://access.redhat.com/errata/RHSA-2023:4201\nTo exploit this flaw, an attacker needs to trick a user into processing or loading malicious web content. For this reason, this flaw was rated with an important, and not critical, severity.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2025-07-07T00:00:00Z", "advisory" : "RHSA-2025:10364", "cpe" : "cpe:/o:redhat:rhel_els:7", "package" : "webkitgtk4-0:2.48.3-2.el7_9" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-07-18T00:00:00Z", "advisory" : "RHSA-2023:4202", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "webkit2gtk3-0:2.38.5-1.el8_8.5" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2024-11-14T00:00:00Z", "advisory" : "RHSA-2024:9680", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "webkit2gtk3-0:2.46.3-1.el8_2" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2024-11-14T00:00:00Z", "advisory" : "RHSA-2024:9679", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "webkit2gtk3-0:2.46.3-1.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date" : "2024-11-14T00:00:00Z", "advisory" : "RHSA-2024:9679", "cpe" : "cpe:/a:redhat:rhel_tus:8.4", "package" : "webkit2gtk3-0:2.46.3-1.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date" : "2024-11-14T00:00:00Z", "advisory" : "RHSA-2024:9679", "cpe" : "cpe:/a:redhat:rhel_e4s:8.4", "package" : "webkit2gtk3-0:2.46.3-1.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2024-11-14T00:00:00Z", "advisory" : "RHSA-2024:9653", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "webkit2gtk3-0:2.46.3-1.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2024-11-14T00:00:00Z", "advisory" : "RHSA-2024:9653", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "webkit2gtk3-0:2.46.3-1.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2024-11-14T00:00:00Z", "advisory" : "RHSA-2024:9653", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "webkit2gtk3-0:2.46.3-1.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-07-18T00:00:00Z", "advisory" : "RHSA-2023:4201", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "webkit2gtk3-0:2.38.5-1.el9_2.3" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2024-10-28T00:00:00Z", "advisory" : "RHSA-2024:8496", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "webkit2gtk3-0:2.46.1-1.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-11-14T00:00:00Z", "advisory" : "RHSA-2024:9638", "cpe" : "cpe:/a:redhat:rhel_eus:9.2", "package" : "webkit2gtk3-0:2.46.3-1.el9_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "webkitgtk", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "webkitgtk3", "cpe" : "cpe:/o:redhat:enterprise_linux:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-23222\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-23222\nhttps://webkitgtk.org/security/WSA-2024-0001.html\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog" ], "csaw" : true, "name" : "CVE-2024-23222", "mitigation" : { "value" : "Do not process or load untrusted web content. Please update the affected package as soon as possible.", "lang" : "en:us" } }