CVE-2017-1000121Integer Overflow or Wraparound in Webkitgtk

CWE-190Integer Overflow or WraparoundCWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-680Integer Overflow to Buffer Overflow7 documents5 sources
Severity
9.8CRITICALNVD
EPSS
0.6%
top 29.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
WebkitgtkDebian Webkit2gtk
Timeline
PublishedNov 1
Latest updateMay 17

Description

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

debiandebian/webkit2gtk< webkit2gtk 2.16.3-2 (bookworm)
NVDwebkitgtk/webkitgtk< 2.16.3

Patches

Patch: trac.webkit.orgPatch: trac.webkit.org

🔴Vulnerability Details

2
GHSA
GHSA-rv46-gc6r-8ffx: The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 22022-05-17
OSV
CVE-2017-1000121: The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 22017-11-01

📋Vendor Advisories

1
Debian
CVE-2017-1000121: webkit2gtk - The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not pro...2017

📐Framework References

3
CWE
Integer Overflow or Wraparound
CWE
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE
Integer Overflow to Buffer Overflow